Breaking Container Boundary Using Side Channel Attack

With the improvements in technology, hackers are also getting equipped with better rigs day by day. For every new technology being developed to secure cyber space, hackers are trying to research various attack vectors to penetrate them, ultimately rendering them somewhat useless, if things go wrong (which go wrong every now and then). Apart from usual attack vectors in software, hackers have started exploiting the hardware side of computing infrastructure; which has given birth to some famous attacks (e.g. Meltdown, Spectre, Fan-smitter). This paper presents yet another attack vector, which uses temperature pattern of CPU dice as transmission medium to leak data covertly, and then uses that to make containerized processes talk to each other. The paper talks about motivation behind the research, design and analysis of covert channel, challenges, and possible countermeasures against it.

Presented at Security Fest 2024.

Speaker: Adhokshaj Mishra

About Adhokshaj Mishra

Adhokshaj Mishra

Adhokshaj Mishra works as Security Research Lead – Detections and Threat Research specializing in Linux and MacOS platforms. His interest lies in offensive and defensive side of Linux malware research. He has been working on container specific attacks, and detections in his professional career. In his free time, he mostly researches about new offensive techniques in malware as well as applied cryptography. He loves speaking in security meetups and conferences; and has presented in various Null and OWASP chapter meetups, apart from other security events.

 
Get all relevant information and news regarding Security Fest, when we release recordings of talks, etc.
Get newsletter →