Practical Keystroke Timing Attacks in Sandboxed JavaScript
|
|
- Drusilla Elliott
- 5 years ago
- Views:
Transcription
1 Practical Keystroke Timing Attacks in Sandboxed JavaScript M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Sep 11, 2017 ESORICS 17 Graz University of Technology
2 Motivation Keystroke timing attacks infer typed words, passphrases or create user fingerprints 2 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
3 Motivation Keystroke timing attacks infer typed words, passphrases or create user fingerprints Typically require native code execution 2 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
4 Motivation Keystroke timing attacks infer typed words, passphrases or create user fingerprints Typically require native code execution First JavaScript-based keystroke timing attack 2 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
5 Motivation Keystroke timing attacks infer typed words, passphrases or create user fingerprints Typically require native code execution First JavaScript-based keystroke timing attack Build classifiers to detect visited websites or to identify users and a covert channel 2 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
6 Motivation Keystroke timing attacks infer typed words, passphrases or create user fingerprints Typically require native code execution First JavaScript-based keystroke timing attack Build classifiers to detect visited websites or to identify users and a covert channel Runs in the background and can monitor on other tabs and applications 2 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
7 Background
8 Keystroke Timing Attacks Acquire accurate timestamps of keystrokes for input sequences 3 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
9 Keystroke Timing Attacks Acquire accurate timestamps of keystrokes for input sequences Depend on bigrams, syllables, words, keyboard layout and typing experience 3 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
10 Keystroke Timing Attacks Acquire accurate timestamps of keystrokes for input sequences Depend on bigrams, syllables, words, keyboard layout and typing experience Exploit timing characteristics to learn information about the user or the input Infer typed sentences Recover passphrases 3 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
11 Keystroke Timing Attacks Many ways to obtain keystroke timings have been presented: SSH leaks inter-keystroke timings in interactive mode [Son+01] Network latency with significant traffic [Hog+01] Instruction and stack pointer, interrupt, network packet statistics [Zha+09] CPU usage [Jan+12] Wi-Fi Signals [Ali+15] /proc/interrupts [Dia+16] JavaScript Sensor API [Meh+16] 4 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
12 Interrupt-timing Attacks Idea: Continuously acquire a high-resolution timestamp and monitor differences between subsequent timestamps [Sch+17] 5 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
13 Interrupt-timing Attacks Idea: Continuously acquire a high-resolution timestamp and monitor differences between subsequent timestamps [Sch+17] Requires unprivileged code execution and an accurate timing source (e.g., rdtsc) 5 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
14 Interrupt-timing Attacks 1 int now = rdtsc(); 2 while (true) { 3 int last = now; 4 now = rdtsc(); 5 if ((now - last) > threshold) { 6 reportevent(now, now - last); 7 } 8 } 6 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
15 Interrupt-timing Attacks 1 int now = rdtsc(); 2 while (true) { 3 int last = now; 4 now = rdtsc(); 5 if ((now - last) > threshold) { 6 reportevent(now, now - last); 7 } 8 } Look at how much time has passed since the last measurement 6 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
16 Interrupt-timing Attacks 1 int now = rdtsc(); 2 while (true) { 3 int last = now; 4 now = rdtsc(); 5 if ((now - last) > threshold) { 6 reportevent(now, now - last); 7 } 8 } Look at how much time has passed since the last measurement Significant differences occur when the process is interrupted 6 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
17 Interrupt-timing Attacks 1 int now = rdtsc(); 2 while (true) { 3 int last = now; 4 now = rdtsc(); 5 if ((now - last) > threshold) { 6 reportevent(now, now - last); 7 } 8 } Look at how much time has passed since the last measurement Significant differences occur when the process is interrupted More time the operating system consumes to handle the interrupt higher timing difference 6 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
18 Interrupt-timing Attacks p a s s w o r d Delta [cycles] Runtime [cycles] M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
19 Timing Attacks in Sandboxed JavaScript High Resolution Time API (performance.now) 8 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
20 Timing Attacks in Sandboxed JavaScript High Resolution Time API (performance.now) Utilized to mount various attacks: Page deduplication [Gru+15] Cache attacks [Ore+15] 8 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
21 Timing Attacks in Sandboxed JavaScript High Resolution Time API (performance.now) Utilized to mount various attacks: Page deduplication [Gru+15] Cache attacks [Ore+15] W3C standard now recommends a resolution of 5 µs 8 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
22 Sandboxed Keystroke Timing Attacks without High-Resolution Timers
23 Sandboxed Keystroke Timing Attacks w/o High-Resolution Timers Two phases: 9 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
24 Sandboxed Keystroke Timing Attacks w/o High-Resolution Timers Two phases: Online phase: Acquire timing traces 9 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
25 Sandboxed Keystroke Timing Attacks w/o High-Resolution Timers Two phases: Online phase: Acquire timing traces Offline phase: Post-processing and evaluation 9 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
26 Online phase How can we mount the attack in JavaScript? 10 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
27 Online phase How can we mount the attack in JavaScript? Native instruction (rdtsc) not available 10 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
28 Online phase How can we mount the attack in JavaScript? Native instruction (rdtsc) not available performance.now limited resolution 10 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
29 Online phase How can we mount the attack in JavaScript? Native instruction (rdtsc) not available performance.now limited resolution Implement a monotonic clock 10 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
30 Online phase How can we mount the attack in JavaScript? Native instruction (rdtsc) not available performance.now limited resolution Implement a monotonic clock Constantly increment a value 10 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
31 Online phase How can we mount the attack in JavaScript? Native instruction (rdtsc) not available performance.now limited resolution Implement a monotonic clock Constantly increment a value Number of increments is proportional to the time the function is scheduled Interrupt lower increments 10 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
32 Online phase Single-threaded event loop 11 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
33 Online phase Single-threaded event loop Browsers do not allow endless loops and warn the user 11 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
34 Online phase Single-threaded event loop Browsers do not allow endless loops and warn the user settimeout/setinterval enforce a minimum pause of 4 ms 11 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
35 Cooperative endless-loop slicing Slice endless loop into smaller finite loops 12 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
36 Cooperative endless-loop slicing Slice endless loop into smaller finite loops Every loop as an execution time of 4 ms 12 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
37 Cooperative endless-loop slicing Slice endless loop into smaller finite loops Every loop as an execution time of 4 ms Before running the loop, we schedule the next loop with a timeout of 4 ms 12 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
38 Cooperative endless-loop slicing Slice endless loop into smaller finite loops Every loop as an execution time of 4 ms Before running the loop, we schedule the next loop with a timeout of 4 ms The next slice of the loop is executed immediately after the current slice 12 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
39 Cooperative endless-loop slicing Slice endless loop into smaller finite loops Every loop as an execution time of 4 ms Before running the loop, we schedule the next loop with a timeout of 4 ms The next slice of the loop is executed immediately after the current slice Higher priority events (user inputs) can still be processed browser remains responsive 12 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
40 Cooperative endless-loop slicing Slice endless loop into smaller finite loops Every loop as an execution time of 4 ms Before running the loop, we schedule the next loop with a timeout of 4 ms The next slice of the loop is executed immediately after the current slice Higher priority events (user inputs) can still be processed browser remains responsive Minimum timeout is reduced to 1000 ms if the user switches the tab 12 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
41 Cooperative endless-loop slicing Slice endless loop into smaller finite loops Every loop as an execution time of 4 ms Before running the loop, we schedule the next loop with a timeout of 4 ms The next slice of the loop is executed immediately after the current slice Higher priority events (user inputs) can still be processed browser remains responsive Minimum timeout is reduced to 1000 ms if the user switches the tab Utilize Web Worker API to execute code in background 12 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
42 Cooperative endless-loop slicing 1 function measure_time(id) { 2 settimeout(measure_time, 0, id + 1); 3 counter = 0; 4 begin = window.performance.now(); 5 while ((window.performance.now() - begin) < 5) { 6 counter = counter + 1; 7 } 8 publish(id, counter); 9 } 13 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
43 Cooperative endless-loop slicing 1 function measure_time(id) { 2 settimeout(measure_time, 0, id + 1); 3 counter = 0; 4 begin = window.performance.now(); 5 while ((window.performance.now() - begin) < 5) { 6 counter = counter + 1; 7 } 8 publish(id, counter); 9 } Low impact on the system and browser performance 13 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
44 Cooperative endless-loop slicing 1 function measure_time(id) { 2 settimeout(measure_time, 0, id + 1); 3 counter = 0; 4 begin = window.performance.now(); 5 while ((window.performance.now() - begin) < 5) { 6 counter = counter + 1; 7 } 8 publish(id, counter); 9 } Low impact on the system and browser performance Less than 256 bytes of code 13 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
45 Cooperative endless-loop slicing 1 function measure_time(id) { 2 settimeout(measure_time, 0, id + 1); 3 counter = 0; 4 begin = window.performance.now(); 5 while ((window.performance.now() - begin) < 5) { 6 counter = counter + 1; 7 } 8 publish(id, counter); 9 } Low impact on the system and browser performance Less than 256 bytes of code Can be hidden in modern JavaScript frameworks or online advertisements 13 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
46 Interrupt-timing Attack in JavaScript 10 5 Delta [counter] y a h o o. c o m Runtime [s] 14 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
47 Offline phase Process and analyze traces of the online phase 15 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
48 Offline phase Process and analyze traces of the online phase Filter the measured trace to reduce noise 15 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
49 Offline phase Process and analyze traces of the online phase Filter the measured trace to reduce noise Detect threshold for keystroke events 15 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
50 Offline phase Process and analyze traces of the online phase Filter the measured trace to reduce noise Detect threshold for keystroke events Features of recorded measurements are strong enough that simple techniques (k-nearest neighbours (KNN)) allow to build an efficient and accurate classifier 15 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
51 Practical Attacks and Evaluation
52 URL Classification Infer URLs a user enters into the browsers address bar Intel i7-6700k and Firefox M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
53 URL Classification Infer URLs a user enters into the browsers address bar Intel i7-6700k and Firefox 52.0 Train a classifier with the input sequences of the top 10 most visited websites 16 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
54 URL Classification Small timing variations when the user starts typing and whenever the user presses a key 17 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
55 URL Classification Small timing variations when the user starts typing and whenever the user presses a key Compute the correlation for different alignments 17 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
56 URL Classification Small timing variations when the user starts typing and whenever the user presses a key Compute the correlation for different alignments Evaluate classifier using k-fold cross-validation 17 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
57 URL Classification Actual URL amazon.com baidu.com facebook.com google.co.in google.co.jp google.com qq.com wikipedia.org yahoo.com youtube.com amazon.com baidu.com facebook.com google.co.in google.co.jp google.com qq.com wikipedia.org yahoo.com youtube.com Predicted URL Figure 1: Confusion matrix for URL input. 18 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
58 User Classification P1 P2 P3 P P1 P2 P3 Actual User P4 Predicted User Figure 2: Confusion matrix for input by different users. 19 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
59 Touchscreen Interactions Evaluate attack on mobile devices 20 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
60 Touchscreen Interactions 4,000 Delta [counter] 3,000 2,000 tap tap swipe tap Runtime [s] Figure 3: Keystroke timing attack running in a native app on the Google Nexus M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
61 Touchscreen Interactions Delta [counter] 2,000 1,000 0 tap tap swipe tap Runtime [s] Figure 4: Keystroke timing attack running in JavaScript on the Google Nexus M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
62 Touchscreen Interactions 4,500 Delta [counter] 4,000 3,500 tap tap swipe tap 3, Runtime [s] Figure 5: Keystroke timing attack running in JavaScript on the Xiaomi Redmi Note M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
63 Spying on other applications and PIN unlock Attack allows monitoring of every other event triggering interrupts 24 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
64 Spying on other applications and PIN unlock Attack allows monitoring of every other event triggering interrupts Allows to monitor keystrokes in different tabs and other applications 24 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
65 Keystroke timing attack on different tab Delta [counter] 10,000 8,000 6,000 4,000 2,000 tap menu new tab tap swipe tap switch tab select tab activate tab redraw incognito tab redraw redraw redraw redraw Runtime [s] Figure 6: Keystroke timing attack running while switching to a different tab in the Chrome browser on the Xiaomi Redmi Note M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
66 PIN input 10,000 slide tap Delta [counter] 5,000 0 screen off redraw redraw Runtime [s] Figure 7: Keystroke timing attack running in the Firefox browser on the Xiaomi Redmi Note 3. While the user locked the screen, the application still detects keystrokes as long as it is executed on the last used tab. 26 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
67 Touchscreen Interactions Device SoC Keystrokes Screen lock Google Nexus 5 Qualcomm MSM8974 Snapdragon Xiaomi Redmi Note 3 Mediatek MT6795 Helio X10 Homtom HT3 MediaTek MTK6580 Samsung Galaxy S6 Samsung Exynos OnePlus One Qualcomm MSM8974AC Snapdragon 801 OnePlus 3T Qualcomm MSM8996 Snapdragon Table 1: Mobile test devices. 27 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
68 Covert channel Establish a unidirectional covert channel 28 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
69 Covert channel Establish a unidirectional covert channel Sending a 1: Issue interrupt 28 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
70 Covert channel Establish a unidirectional covert channel Sending a 1: Issue interrupt Sending a 0: Idle 28 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
71 Covert channel Establish a unidirectional covert channel Sending a 1: Issue interrupt Sending a 0: Idle Utilize XMLHttpRequest to fetch a network resource from an invalid URL to implicitly issue an interrupt 28 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
72 Covert channel Cross-tab 29 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
73 Covert channel Cross-tab Breaks Same-Origin policy (SOP) 29 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
74 Covert channel Cross-tab Breaks Same-Origin policy (SOP) Breaks HTTP Strict Transport Security (HSTS) policy 29 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
75 Covert channel Cross-tab Breaks Same-Origin policy (SOP) Breaks HTTP Strict Transport Security (HSTS) policy Cross-browser 29 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
76 Covert channel Cross-tab Breaks Same-Origin policy (SOP) Breaks HTTP Strict Transport Security (HSTS) policy Cross-browser Circumvents process-per-site or process-per-tab policy 29 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
77 Covert channel Cross-tab Breaks Same-Origin policy (SOP) Breaks HTTP Strict Transport Security (HSTS) policy Cross-browser Circumvents process-per-site or process-per-tab policy Transmission from Firefox to Chrome 29 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
78 Covert channel Cross-tab Breaks Same-Origin policy (SOP) Breaks HTTP Strict Transport Security (HSTS) policy Cross-browser Circumvents process-per-site or process-per-tab policy Transmission from Firefox to Chrome Established with browsers running in incognito mode 29 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
79 Covert channel Cross-tab Breaks Same-Origin policy (SOP) Breaks HTTP Strict Transport Security (HSTS) policy Cross-browser Circumvents process-per-site or process-per-tab policy Transmission from Firefox to Chrome Established with browsers running in incognito mode Transmission rate Raw transmission rate of 25 bps using a sample interval of 40 ms 29 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
80 Countermeasures
81 Countermeasures 30 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
82 Countermeasures Generic Countermeasures 30 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
83 Countermeasures Generic Countermeasures Inject phantom keystrokes that will be intercepted by malware [Mye17] 30 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
84 Countermeasures Generic Countermeasures Inject phantom keystrokes that will be intercepted by malware [Mye17] Analyze the statistical properties of noise necessary to impede real keystroke detection [Ort12] 30 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
85 Countermeasures Generic Countermeasures Inject phantom keystrokes that will be intercepted by malware [Mye17] Analyze the statistical properties of noise necessary to impede real keystroke detection [Ort12] Do not prevent interrupt-timing attacks 30 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
86 Countermeasures Generic Countermeasures Inject phantom keystrokes that will be intercepted by malware [Mye17] Analyze the statistical properties of noise necessary to impede real keystroke detection [Ort12] Do not prevent interrupt-timing attacks Fine-grained Permission Model for JavaScript 30 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
87 Countermeasures Generic Countermeasures Inject phantom keystrokes that will be intercepted by malware [Mye17] Analyze the statistical properties of noise necessary to impede real keystroke detection [Ort12] Do not prevent interrupt-timing attacks Fine-grained Permission Model for JavaScript Per-page level access control to APIs, e.g., web workers 30 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
88 Conclusion
89 Conclusion 31 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
90 Conclusion First JavaScript-based keystroke timing attack 31 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
91 Conclusion First JavaScript-based keystroke timing attack independent of browser and operating system 31 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
92 Conclusion First JavaScript-based keystroke timing attack independent of browser and operating system Infer accurate timestamps of keystrokes as well as taps and swipes 31 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
93 Conclusion First JavaScript-based keystroke timing attack independent of browser and operating system Infer accurate timestamps of keystrokes as well as taps and swipes Built classifiers to detect visited websites and identify users and a covert channel 31 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
94 Conclusion First JavaScript-based keystroke timing attack independent of browser and operating system Infer accurate timestamps of keystrokes as well as taps and swipes Built classifiers to detect visited websites and identify users and a covert channel Highly practical, as it runs in background to spy on other tabs and applications 31 M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Graz University of Technology
95 Practical Keystroke Timing Attacks in Sandboxed JavaScript M. Lipp, D. Gruss, M. Schwarz, D. Bidner, C. Maurice, S. Mangard Sep 11, 2017 ESORICS 17 Graz University of Technology
JavaScript Zero. Real JavaScript and Zero Side-Channel Attacks. Michael Schwarz, Moritz Lipp, Daniel Gruss
JavaScript Zero Real JavaScript and Zero Side-Channel Attacks Michael Schwarz, Moritz Lipp, Daniel Gruss 20.02.2018 www.iaik.tugraz.at 1 Michael Schwarz, Moritz Lipp, Daniel Gruss www.iaik.tugraz.at Outline
More informationFantastic Timers and Where to Find Them: High-Resolution Microarchitectural Attacks in JavaScript
Fantastic Timers and Where to Find Them: High-Resolution Microarchitectural Attacks in JavaScript Michael Schwarz, Clémentine Maurice, Daniel Gruss, Stefan Mangard Graz University of Technology April 2017
More informationFrom bottom to top: Exploiting hardware side channels in web browsers
From bottom to top: Exploiting hardware side channels in web browsers Clémentine Maurice, Graz University of Technology July 4, 2017 RMLL, Saint-Étienne, France Rennes Graz Clémentine Maurice PhD since
More informationARMageddon: Cache Attacks on Mobile Devices
ARMageddon: Cache Attacks on Mobile Devices Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, Stefan Mangard Graz University of Technology 1 TLDR powerful cache attacks (like Flush+Reload)
More informationarxiv: v2 [cs.cr] 19 Jun 2016
ARMageddon: Cache Attacks on Mobile Devices Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Clémentine Maurice, and Stefan Mangard Graz University of Technology, Austria arxiv:1511.04897v2 [cs.cr] 19 Jun
More informationRowhammer.js: Root privileges for web apps?
Rowhammer.js: Root privileges for web apps? Daniel Gruss (@lavados) 1, Clémentine Maurice (@BloodyTangerine) 2 1 IAIK, Graz University of Technology / 2 Technicolor and Eurecom 1 Rennes Graz Clémentine
More informationRowhammer.js: A Remote Software- Induced Fault Attack in Javascript
Rowhammer.js: A Remote Software- Induced Fault Attack in Javascript Daniel Gruss, Clementine Maurice and Stefan Mangard Graz University of Technology, Austria Rowhammer bug (I) Different DRAM cells can
More informationExploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android
S C I E N C E P A S S I O N T E C H N O L O G Y Exploiting Data-Usage Statistics for Website Fingerprinting Attacks on Android Raphael Spreitzer, Simone Griesmayr, Thomas Korak, and Stefan Mangard IAIK,
More informationHello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud
Hello from the Other Side: SSH over Robust Cache Covert Channels in the Cloud Clémentine Maurice, Manuel Weber, Michael Schwarz, Lukas Giner, Daniel Gruss, Carlo Alberto Boano, Stefan Mangard, Kay Römer
More informationWhen Good Turns Evil: Using Intel SGX to Stealthily Steal Bitcoins
When Good Turns Evil: Using Intel SGX to Stealthily Steal Bitcoins Michael Schwarz, Moritz Lipp michael.schwarz@iaik.tugraz.at, moritz.lipp@iaik.tugraz.at Abstract In our talk, we show that despite all
More informationUnCovert: Evaluating thermal covert channels on Android systems. Pascal Wild
UnCovert: Evaluating thermal covert channels on Android systems Pascal Wild August 5, 2016 Contents Introduction v 1: Framework 1 1.1 Source...................................... 1 1.2 Sink.......................................
More informationMalware Guard Extension: Using SGX to Conceal Cache Attacks
Malware Guard Extension: Using SGX to Conceal Cache Attacks Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice, and Stefan Mangard Graz University of Technology, Austria Abstract. In modern
More informationTable of Contents 2 Device Functions 4 Device Setup 8 Call Features 9 Voic Customize Your Device 12 Contacts 13 Messages 15 Connections
Table of Contents 2 Device Functions 4 Device Setup 8 Call Features 9 Voicemail 10 Customize Your Device 12 Contacts 13 Messages 15 Connections 16 Apps & More 19 Security Device Functions Front View Front
More informationLeaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX W. Wang, G. Chen, X, Pan, Y. Zhang, XF. Wang, V. Bindschaedler, H. Tang, C. Gunter. September 19, 2017 Motivation Intel
More informationSophos Mobile Security
Help Product Version: 8.5 Contents About Sophos Mobile Security...1 Dashboard... 2 Scanner... 3 Web Filtering... 4 App Protection...5 Call Blocking...6 Loss & Theft...7 Configure Loss & Theft... 8 Wi-Fi
More informationDepartment of Computer Science, Institute for System Architecture, Operating Systems Group. Real-Time Systems '08 / '09. Hardware.
Department of Computer Science, Institute for System Architecture, Operating Systems Group Real-Time Systems '08 / '09 Hardware Marcus Völp Outlook Hardware is Source of Unpredictability Caches Pipeline
More informationSpectre and Meltdown: Data leaks during speculative execution
Spectre and Meltdown: Data leaks during speculative execution Speaker: Jann Horn (Google Project Zero) Paul Kocher (independent) Daniel Genkin (University of Pennsylvania and University of Maryland) Yuval
More informationTrusted Browsers for Uncertain Times
Trusted Browsers for Uncertain Times David Kohlbrenner and Hovav Shacham UC San Diego Building a browser that can provably mitigate timing attacks Trusted Browsers for Uncertain Times Time and web browsers
More informationÉvolution des attaques sur la micro-architecture
Évolution des attaques sur la micro-architecture Clémentine Maurice, CNRS, IRISA 23 Janvier 2019 Journée Nouvelles Avancées en Sécurité des Systèmes d Information, INSA de Toulouse/LAAS-CNRS Attacks on
More informationMalware Guard Extension: Using SGX to Conceal Cache Attacks (Extended Version)
Malware Guard Extension: Using SGX to Conceal Cache Attacks (Exted Version) Michael Schwarz Graz University of Technology Email: michael.schwarz@iaik.tugraz.at Samuel Weiser Graz University of Technology
More informationSCAnDroid: Automated Side-Channel Analysis of Android APIs
S C I E N C E P A S S I O N T E C H N O L O G Y SCAnDroid: Automated Side-Channel Analysis of Android APIs Raphael Spreitzer, Gerald Palfinger, Stefan Mangard IAIK, Graz University of Technology, Austria
More informationTable of Contents. 2 Know your device. 4 Device setup. 8 Customize. 10 Connections. 11 Apps. 12 Contacts. 13 Messages. 14 Camera.
Table of Contents 2 Know your device 4 Device setup 8 Customize 10 Connections 11 Apps 12 Contacts 13 Messages 14 Camera 15 Internet Know your device Front view Front Camera SIM Card Slot microsd Card
More informationThe Spy in the Sandbox: Practical Cache Attacks in JavaScript and their Implications
The Spy in the Sandbox: Practical Cache Attacks in JavaScript and their Implications Yossef Oren Vasileios P. Kemerlis Simha Sethumadhavan Angelos D. Keromytis Columbia University Department of Computer
More informationMicro-Architectural Attacks and Countermeasures
Micro-Architectural Attacks and Countermeasures Çetin Kaya Koç koc@cs.ucsb.edu Çetin Kaya Koç http://koclab.org Winter 2017 1 / 25 Contents Micro-Architectural Attacks Cache Attacks Branch Prediction Attack
More informationHonours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui
Honours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui Projects 1 Information flow analysis for mobile applications 2 2 Machine-learning-guide typestate analysis for UAF vulnerabilities 3 3 Preventing
More informationarxiv: v3 [cs.cr] 5 Apr 2016
Flush+Flush: A Fast and Stealthy Cache Attack Daniel Gruss, Clémentine Maurice, Klaus Wagner, and Stefan Mangard Graz University of Technology, Austria arxiv:1511.04594v3 [cs.cr] 5 Apr 2016 Abstract. Research
More informationSystem-Level Failures in Security
System-Level Failures in Security Non linear offset component (ms) 0.0 0.5 1.0 1.5 2.0 Variable skew De noised Non linear offset Temperature 26.4 26.3 26.2 26.1 26.0 25.9 25.8 Temperature ( C) Fri 11:00
More informationMcAfee Network Security Platform 9.1
9.1.7.15-9.1.5.9 Manager-NS-series Release Notes McAfee Network Security Platform 9.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues
More informationBrowser code isolation
CS 155 Spring 2016 Browser code isolation John Mitchell Acknowledgments: Lecture slides are from the Computer Security course taught by Dan Boneh and John Mitchell at Stanford University. When slides are
More informationI/O Systems (3): Clocks and Timers. CSE 2431: Introduction to Operating Systems
I/O Systems (3): Clocks and Timers CSE 2431: Introduction to Operating Systems 1 Outline Clock Hardware Clock Software Soft Timers 2 Two Types of Clocks Simple clock: tied to the 110- or 220-volt power
More informationMobility meets Web. Al Johri & David Elutilo
Mobility meets Web Al Johri & David Elutilo Origin-Based Access Control in Hybrid Application Frameworks Outline 1. Introduction Hybrid Apps & Frameworks 2. Security Models 3. Bridges 4. Fracking 5. Existing
More informationStefan Heule, Devon Rifkin, Alejandro Russo, Deian Stefan. Stanford University, Chalmers University of Technology
Stefan Heule, Devon Rifkin, Alejandro Russo, Deian Stefan Stanford University, Chalmers University of Technology One of the most popular application platforms Easy to deploy and access Almost anything
More informationTechnology Requirements for Online Testing
Technology Requirements for Online Testing Training Module Copyright 2014 American Institutes for Research. All rights reserved. Topics Site Readiness Network Requirements Hardware and Software Requirements
More informationSalesforce Classic User Guide for Android
Salesforce Classic User Guide for Android Version 36.0, Spring 16 @salesforcedocs Last updated: April 27, 2016 Copyright 2000 2016 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark
More informationFlush+Flush: A Stealthier Last-Level Cache Attack
Flush+Flush: A Stealthier Last-Level Cache Attack Daniel Gruss Graz University of Technology, Austria daniel.gruss@iaik.tugraz.at Clémentine Maurice Technicolor, Rennes, France Eurecom, Sophia-Antipolis,
More informationarxiv: v2 [cs.cr] 30 Nov 2015
Reverse Engineering Intel DRAM Addressing and Exploitation - Work in Progress - arxiv:1511.08756v2 [cs.cr] 30 Nov 2015 Peter Pessl, Daniel Gruss, Clémentine Maurice, Michael Schwarz and Stefan Mangard
More informationQuick Reference Guide
Quick Reference Guide Unlocked ¹ Table of Contents 2 Samsung Care 3 Know your device 5 Device setup 9 Home screen 12 Volume and ringtones 13 Hello Bixby 14 Useful apps 15 Calls 16 Voicemail 17 Contacts
More informationDesigning Next Generation Data-Centers with Advanced Communication Protocols and Systems Services
Designing Next Generation Data-Centers with Advanced Communication Protocols and Systems Services P. Balaji, K. Vaidyanathan, S. Narravula, H. W. Jin and D. K. Panda Network Based Computing Laboratory
More informationThe Road to the Native Mobile Web. Kenneth Rohde Christiansen
The Road to the Native Mobile Web Kenneth Rohde Christiansen Kenneth Rohde Christiansen Web Platform Architect at Intel Europe Blink core owner and former active WebKit reviewer Works on Chromium, Crosswalk
More informationThe following topics describe how to configure correlation policies and rules.
The following topics describe how to configure correlation policies and rules. Introduction to and Rules, page 1 Configuring, page 2 Configuring Correlation Rules, page 5 Configuring Correlation Response
More informationBeauty and the Burst
Beauty and the Burst Remote Identification of Encrypted Video Streams Roei Schuster Cornell Tech, Tel Aviv University Vitaly Shmatikov Cornell Tech Eran Tromer Columbia University, Tel Aviv University
More informationIntroduction to Operating Systems Prof. Chester Rebeiro Department of Computer Science and Engineering Indian Institute of Technology, Madras
Introduction to Operating Systems Prof. Chester Rebeiro Department of Computer Science and Engineering Indian Institute of Technology, Madras Week - 04 Lecture 17 CPU Context Switching Hello. In this video
More informationOn the Change in Archivability of Websites Over Time
Old Dominion University ODU Digital Commons Computer Science Presentations Computer Science 9-23-2013 On the Change in Archivability of Websites Over Time Mat Kelly Old Dominion University Justin F. Brunelle
More informationRKN 2015 Application Layer Short Summary
RKN 2015 Application Layer Short Summary HTTP standard version now: 1.1 (former 1.0 HTTP /2.0 in draft form, already used HTTP Requests Headers and body counterpart: answer Safe methods (requests): GET,
More informationSalesforce Classic Mobile User Guide for Android
Salesforce Classic Mobile User Guide for Android Version 41.0, Winter 18 @salesforcedocs Last updated: November 21, 2017 Copyright 2000 2017 salesforce.com, inc. All rights reserved. Salesforce is a registered
More informationWeb Mechanisms. Draft: 2/23/13 6:54 PM 2013 Christopher Vickery
Web Mechanisms Draft: 2/23/13 6:54 PM 2013 Christopher Vickery Introduction While it is perfectly possible to create web sites that work without knowing any of their underlying mechanisms, web developers
More informationLEoNIDS: a Low-latency and Energyefficient Intrusion Detection System
LEoNIDS: a Low-latency and Energyefficient Intrusion Detection System Nikos Tsikoudis Thesis Supervisor: Evangelos Markatos June 2013 Heraklion, Greece Low-Power Design Low-power systems receive significant
More informationUbiquitous and Mobile Computing CS 528:EnergyEfficiency Comparison of Mobile Platforms and Applications: A Quantitative Approach. Norberto Luna Cano
Ubiquitous and Mobile Computing CS 528:EnergyEfficiency Comparison of Mobile Platforms and Applications: A Quantitative Approach Norberto Luna Cano Computer Science Dept. Worcester Polytechnic Institute
More informationTechnology Readiness Overview
Technology Readiness Overview Agenda Readiness Activities Proctor Caching TestNav 8 and Early Warning System Support ACT Aspire Landing Page http://actaspire.pearson.com Avocet http://actaspire.avocet.pearson.com
More informationUNIT- 5. Chapter 12 Processor Structure and Function
UNIT- 5 Chapter 12 Processor Structure and Function CPU Structure CPU must: Fetch instructions Interpret instructions Fetch data Process data Write data CPU With Systems Bus CPU Internal Structure Registers
More informationDynamic Analytics Extended to all layers Utilizing P4
Dynamic Analytics Extended to all layers Utilizing P4 Tom Tofigh, AT&T Nic VIljoen, Netronome This Talk is about Why P4 should be extended to other layers Interoperability - Utilizing common framework
More informationHTML5 Evolution and Development. Matt Spencer UI & Browser Marketing Manager
HTML5 Evolution and Development Matt Spencer UI & Browser Marketing Manager 1 HTML5 Ratified. finally! After 7 years of development, the HTML5 specification was ratified on 28 th October 14 urce>
More informationNoScript, CSP and ABE: When The Browser Is Not Your Enemy
NoScript, CSP and ABE: When The Browser Is Not Your Enemy Giorgio Maone CTO, NoScript lead developer InformAction OWASP-Italy Day IV Milan 6th, November 2009 Copyright 2008 - The OWASP Foundation Permission
More informationDART SVP. Software Manual For Web Based User Interface And For Apple ipod touch User Interface. Software Version 4.0.x Document #: 7.5.
DART SVP Software Manual For Web Based User Interface And For Apple ipod touch User Interface Software Version 4.0.x Document #: 7.5.051 Revision: 6 IonSense Inc. 999 Broadway Suite 404 Saugus, MA 01906
More informationProfiling & Optimization
Lecture 11 Sources of Game Performance Issues? 2 Avoid Premature Optimization Novice developers rely on ad hoc optimization Make private data public Force function inlining Decrease code modularity removes
More informationParallel Streaming Computation on Error-Prone Processors. Yavuz Yetim, Margaret Martonosi, Sharad Malik
Parallel Streaming Computation on Error-Prone Processors Yavuz Yetim, Margaret Martonosi, Sharad Malik Upsets/B muons/mb Average Number of Dopant Atoms Hardware Errors on the Rise Soft Errors Due to Cosmic
More informationDART SVP. Software Manual For Web Based User Interface And For Apple ipod touch User Interface. Software Version 3.0.x ipod Application Version 1.
DART SVP Software Manual For Web Based User Interface And For Apple ipod touch User Interface Software Version 3.0.x ipod Application Version 1.3 IonSense Inc. 999 Broadway Suite 404 Saugus, MA 01906 Table
More informationFeature: Trellis - Support for v2 EMG front end with 7.5 khz sample rate
################################################################# # # Trellis Suite Release Notes # contact: support@rppl.com # ################################################################# [1.8.0]
More informationAdvanced Systems Security: Program Diversity
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationFirefox OS App Days. Overview and High Level Architecture. Author: José M. Cantera Last update: March 2013 TELEFÓNICA I+D
Firefox OS App Days Overview and High Level Architecture Author: José M. Cantera (@jmcantera) Last update: March 2013 TELEFÓNICA I+D 1 Introduction What is Firefox OS? A new mobile open OS fully based
More informationIQ for DNA. Interactive Query for Dynamic Network Analytics. Haoyu Song. HUAWEI TECHNOLOGIES Co., Ltd.
IQ for DNA Interactive Query for Dynamic Network Analytics Haoyu Song www.huawei.com Motivation Service Provider s pain point Lack of real-time and full visibility of networks, so the network monitoring
More informationMeltdown and Spectre - understanding and mitigating the threats (Part Deux)
Meltdown and Spectre - understanding and mitigating the threats (Part Deux) Gratuitous vulnerability logos Jake Williams @MalwareJake SANS / Rendition Infosec sans.org / rsec.us @SANSInstitute / @RenditionSec
More informationMeltdown or "Holy Crap: How did we do this to ourselves" Meltdown exploits side effects of out-of-order execution to read arbitrary kernelmemory
Meltdown or "Holy Crap: How did we do this to ourselves" Abstract Meltdown exploits side effects of out-of-order execution to read arbitrary kernelmemory locations Breaks all security assumptions given
More informationSalesforce Classic Guide for iphone
Salesforce Classic Guide for iphone Version 35.0, Winter 16 @salesforcedocs Last updated: October 27, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark
More informationSandboxing. CS-576 Systems Security Instructor: Georgios Portokalidis Spring 2018
Sandboxing CS-576 Systems Security Instructor: Georgios Portokalidis Sandboxing Means Isolation Why? Software has bugs Defenses slip Untrusted code Compartmentalization limits interference and damage!
More informationSearch Engines. Information Retrieval in Practice
Search Engines Information Retrieval in Practice All slides Addison Wesley, 2008 Web Crawler Finds and downloads web pages automatically provides the collection for searching Web is huge and constantly
More informationTap Position Inference on Smart Phones
Tap Position Inference on Smart Phones Ankush Chauhan 11-29-2017 Outline Introduction Application Architecture Sensor Event Data Sensor Data Collection App Demonstration Scalable Data Collection Pipeline
More informationProfiling & Optimization
Lecture 18 Sources of Game Performance Issues? 2 Avoid Premature Optimization Novice developers rely on ad hoc optimization Make private data public Force function inlining Decrease code modularity removes
More informationDeveloping deterministic networking technology for railway applications using TTEthernet software-based end systems
Developing deterministic networking technology for railway applications using TTEthernet software-based end systems Project n 100021 Astrit Ademaj, TTTech Computertechnik AG Outline GENESYS requirements
More informationThe Security Impact of HTTPS Interception
The Security Impact of HTTPS Interception NDSS 17 Z. Durumeric, Z. Ma, D. Springall, R. Barnes, N. Sullivan, E. Bursztein, M. Bailey, J. Alex Halderman, V. Paxson! G R Presented by: Sanjeev Reddy go NS
More informationCSCE Operating Systems Interrupts, Exceptions, and Signals. Qiang Zeng, Ph.D. Fall 2018
CSCE 311 - Operating Systems Interrupts, Exceptions, and Signals Qiang Zeng, Ph.D. Fall 2018 Previous Class Process state transition Ready, blocked, running Call Stack Execution Context Process switch
More informationConfinement (Running Untrusted Programs)
Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras Untrusted Programs Untrusted Application Entire Application untrusted Part of application untrusted Modules
More informationHigh -Tech Bridge s Web Server Security Service API Developer Documentation Version v1.3 February 13 th 2018
HTB_WEBSECDOCS_v1.3.pdf Page 1 of 29 High -Tech Bridge s Web Server Security Service API Developer Documentation Version v1.3 February 13 th 2018 General Overview... 2 Meta-information... 4 HTTP Additional
More informationQuestions answered in this lecture: CS 537 Lecture 19 Threads and Cooperation. What s in a process? Organizing a Process
Questions answered in this lecture: CS 537 Lecture 19 Threads and Cooperation Why are threads useful? How does one use POSIX pthreads? Michael Swift 1 2 What s in a process? Organizing a Process A process
More informationBIG-IP Access Policy Manager and F5 Access for Android. Version 3.0.4
BIG-IP Access Policy Manager and F5 Access for Android Version 3.0.4 Table of Contents Table of Contents Legal Notices...5 Legal notices...5 Overview: F5 Access for Android...7 F5 Access and mobile devices...7
More informationSentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by machine learning and intelligent automation. By rethinking
More informationSalesforce Classic Mobile Guide for iphone
Salesforce Classic Mobile Guide for iphone Version 41.0, Winter 18 @salesforcedocs Last updated: November 30, 2017 Copyright 2000 2017 salesforce.com, inc. All rights reserved. Salesforce is a registered
More informationIT Services IT LOGGING POLICY
IT LOGGING POLICY UoW IT Logging Policy -Restricted- 1 Contents 1. Overview... 3 2. Purpose... 3 3. Scope... 3 4. General Requirements... 3 5. Activities to be logged... 4 6. Formatting, Transmission and
More informationVMware AirWatch Chrome OS Platform Guide Managing Chrome OS Devices with AirWatch
VMware AirWatch Chrome OS Platform Guide Managing Chrome OS Devices with AirWatch AirWatch v9.3 Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.
More informationThe Most Dangerous Code in the Browser. Stefan Heule, Devon Rifkin, Alejandro Russo, Deian Stefan
The Most Dangerous Code in the Browser Stefan Heule, Devon Rifkin, Alejandro Russo, Deian Stefan Modern web experience Modern web experience Modern web experience Web apps Extensions NYTimes Chase AdBlock
More informationBrowser behavior can be quite complex, using more HTTP features than the basic exchange, this trace will show us how much gets transferred.
Lab Exercise HTTP Objective HTTP (HyperText Transfer Protocol) is the main protocol underlying the Web. HTTP functions as a request response protocol in the client server computing model. A web browser,
More informationSTEALING PINS VIA MOBILE SENSORS: ACTUAL RISK VERSUS USER PERCEPTION
STEALING PINS VIA MOBILE SENSORS: ACTUAL RISK VERSUS USER PERCEPTION Maryam Mehrnezhad Ehsan Toreini Siamak F. Shahandashti Feng Hao Newcastle University, UK At EuroUSEC, July 2016 JavaScript-based attack
More informationCSL373: Lecture 5 Deadlocks (no process runnable) + Scheduling (> 1 process runnable)
CSL373: Lecture 5 Deadlocks (no process runnable) + Scheduling (> 1 process runnable) Past & Present Have looked at two constraints: Mutual exclusion constraint between two events is a requirement that
More informationGetting Started with Access Control Policies
Getting Started with Control Policies The following topics describe how to start using access control policies: Introduction to Control, page 1 Managing Control Policies, page 6 Creating a Basic Control
More informationWho am I? Moritz Lipp PhD Graz University of
Who am I? Moritz Lipp PhD student @ Graz University of Technology @mlqxyz moritz.lipp@iaik.tugraz.at 1 Moritz Lipp, Michael Schwarz, Daniel Gruss Graz University of Technology Who am I? Michael Schwarz
More informationBASIC INTERFACING CONCEPTS
Contents i SYLLABUS UNIT - I 8085 ARCHITECTURE Introduction to Microprocessors and Microcontrollers, 8085 Processor Architecture, Internal Operations, Instructions and Timings, Programming the 8085-Introduction
More informationGet Started with the INCENTER Application
Get Started with the INCENTER Application Log in to the TireCheck INCENTER application using user account details provided. The application requires an Internet connection. Your Android smart device must
More informationRelease Notes for Avaya WLAN 9112 and 9114 Access Point Operating System (AOS Lite) Release WLAN 9112 and WLAN 9114.
9112 and 9114 Release Notes Release Notes for Avaya 9112 and 9114 Access Point Operating System (AOS Lite) Release 8.2.4 Avaya Inc - External Distribution 1. Introduction This document provides details
More informationBreaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX. Yeongjin Jang, Sangho Lee, and Taesoo Kim Georgia Institute of Technology
Breaking Kernel Address Space Layout Randomization (KASLR) with Intel TSX Yeongjin Jang, Sangho Lee, and Taesoo Kim Georgia Institute of Technology Kernel Address Space Layout Randomization (KASLR) A statistical
More informationTask On Gingerbread On Ice Cream Sandwich Notification bar on lock screen Notification bar is not accessible on the lock screen.
HTC Rezound to 3.14.605.12 710RD: What s Different and New? Congratulations on updating your HTC Rezound to 3.14.605.12 710RD. You might have some questions about the new update and how you can take advantage
More informationMulti-core Architecture and Programming
Multi-core Architecture and Programming Yang Quansheng( 杨全胜 ) http://www.njyangqs.com School of Computer Science & Engineering 1 http://www.njyangqs.com Process, threads and Parallel Programming Content
More informationReturn-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices
Return-Oriented Flush-Reload Side Channels on ARM and Their Implications for Android Devices Xiaokuan Zhang Yuan Xiao Yinqian Zhang Department of Computer Science and Engineering The Ohio State University
More informationCCS CONCEPTS. KEYWORDS Android; automatic analysis; procfs; side-channel analysis
ProcHarvester: Fully Automated Analysis of Procfs Side-Channel Leaks on Android Raphael Spreitzer, Felix Kirchengast, Daniel Gruss, and Stefan Mangard Graz University of Technology ABSTRACT The procfs
More informationAccess Gateway 9.3, Enterprise Edition
Access Gateway 9.3, Enterprise Edition 2015-05-03 05:23:10 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Access Gateway 9.3, Enterprise Edition...
More informationCS 475. Process = Address space + one thread of control Concurrent program = multiple threads of control
Processes & Threads Concurrent Programs Process = Address space + one thread of control Concurrent program = multiple threads of control Multiple single-threaded processes Multi-threaded process 2 1 Concurrent
More informationExploring Chrome Internals. Darin Fisher May 28, 2009
Exploring Chrome Internals Darin Fisher May 28, 2009 Simple interface, powerful core Modern browsers resemble the cooperatively multi-tasked operating systems of the past. Guiding sentiment, 2006 Goals
More informationYahoo Search ATS Plugins. Daniel Morilha and Scott Beardsley
Yahoo Search ATS Plugins Daniel Morilha and Scott Beardsley About Us We have a HUGE team! Serves traffic which generates ~40% of Yahoo s $$$ We run both Search Ingress and Egress Maintain around a dozen
More informationChecklist for Testing of Web Application
Checklist for Testing of Web Application Web Testing in simple terms is checking your web application for potential bugs before its made live or before code is moved into the production environment. During
More informations132_nrf52 release notes
s132_nrf52 release notes Table of Contents Introduction to the s132_nrf52 release notes These release notes describe the changes in the s132_nrf52 from version to version. The release notes are intended
More informationReal-Time Systems Hermann Härtig Real-Time Operating Systems Brief Overview
Real-Time Systems Hermann Härtig Real-Time Operating Systems Brief Overview 02/02/12 Outline Introduction Basic variants of RTOSes Real-Time paradigms Common requirements for all RTOSes High level resources
More information