Marco Oliverio

Advisor: Andrea Pugliese

Topic: Computer Security

Abstract: Information hiding is a cornerstone of modern binary hardening techniques. Operating systems and hypervisors introduce entropy in crucial parts of the system (e.g., the virtual memory address space layout of the process and/or the kernel) in order to make exploitation harder, because attackers cannot obtain information that are necessary to mount an attack. In this contest, side-channels that leak information by other means are a crucial attack vector to defend against. Moreover, information that were once considered security neutral, such the virtual-physical address mapping, are shown to be security crucial because they can give attackers enough details to exploit hardware bugs (eg, rowhammer induced bit-flips). Eventually, as new and complex features are added to OSs, avoiding side-channels that leak sensible information or break security boundaries is hard and developers need to trade-off security with performance to make solutions practical. My Ph.D. is mainly focused on side-channels exploitation and mitigation in modern OSs.