{"680858":{"#nid":"680858","#data":{"type":"event","title":"PhD Proposal by Jason Kim","body":[{"value":"\u003Cp\u003E\u003Cstrong\u003ETitle: \u003C\/strong\u003ETowards Hardening Web Browsers Against Microarchitectural Side-channel Threats\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E(This proposal has been rescheduled from its original date of March 10. Please refer to the updated information below.)\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EDate: \u003C\/strong\u003EMonday, March 24, 2025\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ETime: \u003C\/strong\u003E9:00 AM \u2013 10:00 AM ET\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ELocation \u003C\/strong\u003E(Hybrid):\u003C\/p\u003E\u003Cul\u003E\u003Cli\u003ECoda C0915 Atlantic\u003C\/li\u003E\u003Cli\u003E\u003Ca href=\u0022https:\/\/gatech.zoom.us\/j\/97716761119?pwd=EbQbAJZBCjeMGzXza3YUCrxFvmtJUw.1\u0022\u003Ehttps:\/\/gatech.zoom.us\/j\/97716761119?pwd=EbQbAJZBCjeMGzXza3YUCrxFvmtJUw.1\u003C\/a\u003E\u003C\/li\u003E\u003Cli\u003E(Zoom Meeting ID: 977 1676 1119, Passcode: 181639)\u003C\/li\u003E\u003C\/ul\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EJason Kim\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003ECS Ph.D. Student\u003C\/p\u003E\u003Cp\u003ESchool of Cybersecurity and Privacy\u003C\/p\u003E\u003Cp\u003ECollege of Computing\u003C\/p\u003E\u003Cp\u003EGeorgia Institute of Technology\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ECommittee:\u003C\/strong\u003E\u003C\/p\u003E\u003Cul\u003E\u003Cli\u003EDr. Daniel Genkin (Advisor) \u2013 School of Cybersecurity and Privacy, Georgia Institute of Technology\u003C\/li\u003E\u003Cli\u003EDr. Taesoo Kim - School of Cybersecurity and Privacy, Georgia Institute of Technology\u003C\/li\u003E\u003Cli\u003EDr. Saman Zonouz - School of Cybersecurity and Privacy, Georgia Institute of Technology\u003C\/li\u003E\u003C\/ul\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EAbstract:\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003EImproving the performance of modern CPUs faces challenges in frequency, power consumption, and memory systems whose performance has grown considerably slower. In response, architects have devised complex caching, prediction, and prefetching mechanisms, and have implemented deep speculative and out-of-order execution in the pipeline for more performant CPUs despite these limitations. On the other hand, the resulting CPUs have paved the way for an ecosystem of high-performance web applications, leading to users \u0027living in the browser\u0027 for several hours each day. However, browsers have consequently become a central store for secrets, such as passwords and payment information. Addressing this, browsers employ extensive sandboxes for code served from webpages, enforcing that one page cannot read another\u0027s data.\u003C\/p\u003E\u003Cp\u003EDespite sandboxing, secrets in browsers are unfortunately susceptible to side-channel attacks, due to mutually distrusting domains executing on the same underlying hardware. For modern CPUs in particular, the risk of microarchitectural side-channels is exacerbated since they can share caching, prediction, and prefetching state across such domains \u2013 causing performance optimizations to backfire and inadvertently become attack vectors. Although these vectors are constantly emerging, they are largely unknown to browser developers because microarchitecture is transparent to software and proprietary to each CPU vendor. Therefore, in this proposal, we aim to understand the adverse interactions of microarchitecture on browser security.\u003C\/p\u003E\u003Cp\u003ETo that aim, we discuss works that reveal two new microarchitectural predictors in the wild. These predictors, present in recent Apple CPUs, speculate past data dependencies on loads to improve instruction-level parallelism. Although we observe constraints in their prediction capabilities, we demonstrate that mispredictions lead to exploitable memory safety violations in the Chrome and Safari browsers by remote adversaries serving a malicious webpage. Furthermore, we discuss work that reveals the shortcomings of browser countermeasures to speculative execution attacks, despite five years of mitigation efforts. We demonstrate corner cases where browsers do not apply process isolation, and we show that the commonly deployed countermeasure of timer degradation is fundamentally flawed due to race conditions \u2013\u0026nbsp;resulting in timer-free attack primitives. Overall, these works highlight that more principled defenses are needed to secure browsers from microarchitectural side-channels.\u003C\/p\u003E","summary":"","format":"limited_html"}],"field_subtitle":"","field_summary":[{"value":"\u003Cp\u003ETowards Hardening Web Browsers Against Microarchitectural Side-channel Threats\u003C\/p\u003E","format":"limited_html"}],"field_summary_sentence":[{"value":"Towards Hardening Web Browsers Against Microarchitectural Side-channel Threats"}],"uid":"27707","created_gmt":"2025-03-03 20:40:13","changed_gmt":"2025-03-13 18:54:38","author":"Tatianna Richardson","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2025-03-24T09:00:00-04:00","event_time_end":"2025-03-24T10:00:00-04:00","event_time_end_last":"2025-03-24T10:00:00-04:00","gmt_time_start":"2025-03-24 13:00:00","gmt_time_end":"2025-03-24 14:00:00","gmt_time_end_last":"2025-03-24 14:00:00","rrule":null,"timezone":"America\/New_York"},"location":"Coda C0915 Atlantic","extras":[],"groups":[{"id":"221981","name":"Graduate Studies"}],"categories":[],"keywords":[{"id":"102851","name":"Phd proposal"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1788","name":"Other\/Miscellaneous"}],"invited_audience":[{"id":"78771","name":"Public"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[],"email":[],"slides":[],"orientation":[],"userdata":""}}}