News
Busy Beaver AwardWritten on 13.04.21 by Michael Schwarz Hi, I just wanted to thank all of you for the great evaluation and feedback. SCAD was awarded the Busy Beaver Award for the best advanced lecture. Hi, I just wanted to thank all of you for the great evaluation and feedback. SCAD was awarded the Busy Beaver Award for the best advanced lecture. Cheers, |
Re-examWritten on 29.03.21 by Michael Schwarz Hi, the re-exam is on Friday, April 16, 2021. Due to the worsening COVID situation, the re-exam will be an oral exam. I will send out timeslots as soon as the registration is closed. You are only allowed to take the re-exam if you failed the main exam, did not show up to the main exam, or did not… Read more Hi, the re-exam is on Friday, April 16, 2021. Due to the worsening COVID situation, the re-exam will be an oral exam. I will send out timeslots as soon as the registration is closed. You are only allowed to take the re-exam if you failed the main exam, did not show up to the main exam, or did not register for the main exam although you had more than 50 points on the practical part. You cannot use the re-exam to improve your main exam's grade. Cheers, |
Grades enteredWritten on 24.03.21 by Michael Schwarz Hi, the exam is corrected, and the grades (including points from the practicals and bonus points) are entered in LSF. Congratulations on all the good results! If you want to inspect your exam, simply write me a mail. Cheers, |
Practical 3 results + final challengeWritten on 01.02.21 by Michael Schwarz Hi, the results from the last practical are now available, and also the final points over all the practicals. You can find both lists in the test system. As written in the CMS, the maximum number of points is 50, and you need at least 26 points to qualify for the exam. I'm really impressed with… Read more Hi, the results from the last practical are now available, and also the final points over all the practicals. You can find both lists in the test system. As written in the CMS, the maximum number of points is 50, and you need at least 26 points to qualify for the exam. I'm really impressed with how many of you achieved the maximum number of points. Well done! There is a final, maybe a bit surprising, lecture challenge. I'd like to have feedback regarding the practicals. I decided to make this a lecture challenge as well, such that you can immediately benefit from giving feedback ;) The feedback is, of course, anonymous. When filling out the anonymous form, you will receive the flag which you can submit to get your points. You can, of course, also give feedback via the CMS or mail - the more feedback you give me, the happier I am. Cheers, |
Friendly reminder: Tag your submissionWritten on 31.01.21 by Michael Schwarz Hi, just a friendly reminder in case you have not tagged yet: the deadline is in five hours, so if you want your points, don't forget to tag! Also, ensure that your tag is pushed to the repository (git push --tags). If you see your tag in the git web interface, then it worked. Cheers, |
Exam DateWritten on 19.01.21 by Michael Schwarz Hi, we now have a date for the exam. Those of you who watched the lecture today already know it: the exam will be on March, 23rd, 2021 at 2pm in E1 3, HS002. The exam will be in person as long as there isn't any regulation that forbids that. If you cannot attend the exam, e.g., due to travel… Read more Hi, we now have a date for the exam. Those of you who watched the lecture today already know it: the exam will be on March, 23rd, 2021 at 2pm in E1 3, HS002. The exam will be in person as long as there isn't any regulation that forbids that. If you cannot attend the exam, e.g., due to travel restrictions, quarantine, or medical reasons, please send me an email and I'll do my best to find an alternative solution. Cheers, |
Practical 2 resultsWritten on 11.01.21 by Michael Schwarz The results of the second practical are now online in the test system. If you have any questions regarding your points just send me an email. |
Practical 2 deadlineWritten on 02.01.21 by Michael Schwarz The deadline for practical 2 is wrongly stated in the description. It should be Sunday, January 10, 2021. I've also updated the PDF in the CMS with the correct date. |
Practical 1 results and Christmas challengeWritten on 22.12.20 by Michael Schwarz The results of the first practical are now online in the test system. If you have any questions regarding your points you can send me an email. Although today is no lecture, there is still a Christmas lecture challenge in the CTF system. Have fun solving it, and enjoy your Christmas break! |
Friendly reminder: Tag your submissionWritten on 20.12.20 by Michael Schwarz Just a friendly reminder in case you have not tagged yet: the deadline is in approximately one and a half hours, so if you want your points, don't forget to tag! Also, ensure that your tag is pushed to the repository (git push --tags). If you see your tag in the git web interface, then it worked. |
Git RepositoryWritten on 15.11.20 by Michael Schwarz Hi, you should have received your credentials for your Git repository for the practicals. Please also check your spam folder. If you did not receive the mail with your credentials, send me a mail so I can resend you your credentials. Cheers, |
First LectureWritten on 02.11.20 by Michael Schwarz Hello and welcome everyone registered to this course! The first lecture starts tomorrow at 10 am (sharp) on YouTube. The link to the stream can be found on the Materials page. The stream is unlisted, so please don't share it outside of this lecture. Cheers, |
Side-Channel Attacks and Defenses
In this lecture, you will learn about side channels in software and hardware, their security implications, how they can be exploited from software, and ways to prevent data leakage. Since 2018, side channels received a lot of attention as they are a vital part of Meltdown and Spectre attacks. Meltdown and Spectre showed that the security boundaries of modern CPUs can be circumvented with the help of side channels. However, besides these publicly known attacks, there are many more attacks relying on side channels. In particular, this lecture provides an overview of attack techniques and countermeasures for
- Timing Attacks
- Cache Attacks
- Page Table Attacks
- Transient Execution Attacks (Meltdown- and Spectre-type Attacks)
- Fault Attacks
This course provides hands-on experience with various exercises, in which attacks and defenses have to be implemented and evaluated.
Prerequisites
There are no formal prerequisites for this course. However, if you want to participate, you should
- be familiar with programming C (it helps if you also have a basic understanding of x86 Assembly)
- have a basic understanding of operating systems (e.g., the concept of virtual memory)
- be able to work on Linux, as some exercises are only officially supported on Linux
Time and Location
The lecture will take place every Tuesday from 10.00-12.00, starting 3.11.2020. Location: YouTube (link in the Materials page). No physical presence is required except for the final exam (see below).
Grading
There is a total of 100 points for this course. There are up to 50 points for the practical assignments and 50 points for the final exam. Additionally, there are optional lecture challenges that give you bonus points if you solve them.
Note that you need a minimum of 26 points in the practical assignments and a minimum of 26 points in the exam to pass this course. Bonus points can only be used to get a better grade if you already passed the course, i.e., if you have at least 52 points without the bonus points.
Practical Assignments
There are three practical assignments with a total of 50 points. You need at least 26 points in total to pass the course. The practical assignments cover the topics covered in the lecture and aim to deepen your knowledge of the topics.
You can discuss the assignments with other students, but you should not collaborate on the solution with anyone. Your solution should be original and not be an existing solution (e.g., from someone else, or from the internet). All submissions will be automatically checked for plagiarism. Plagiarism automatically results in zero points.
Written Exam
Exams are done in writing. The final exam will take place on March, 23rd, 2021 at 2pm in E1 3, HS002. Note that physical presence is required for the exam.
Exams consist of both theoretical questions and practical questions. Theoretic questions are basically the theoretic parts of the slides and possibly additional content presented in the lecture, which is not part of the slides. Practical questions are, in principle, similar to the tasks given in the lecture challenges as well as in the practicals. However, the complexity of the questions is scaled to make them adequate for the time available during an exam.
All questions of the exam are in English. Answers can be given either in English or in German, at the student’s discretion.
No lecture notes or any other materials are allowed during an exam. All materials required to solve the practical questions are provided at the exam.
Lecture Challenges
During the lecture, there will be small “Lecture Challenges” that you can optionally solve as a bonus. These challenges are optional, but solving them results in bonus points. The aim of the challenges is to dig deeper into a certain topic of the respective lecture. Thus, it is advisable to try to complete the challenge soon after the lecture.