Cybersecurity experts at TU Graz have launched an online course designed as a sitcom on side channel attacks, in which physical effects allow inferences to be made about protected data. The first of two new seasons of the educational sitcom will go online on 23 August.TU Graz’s cybersecurity specialists regularly make people sit up and take notice with reports of newly discovered openings for attacks on established computer systems - most recently, details of ĘpicLeak and SQUIP were released, while the Meltdown and Spectre vulnerabilities caused an international stir in 2019.
The majority of these cyberattacks are complex side channel attacks that are difficult to prevent. Here, algorithms and data are not targeted directly. Instead, physical or logical side effects are observed and analysed, with a view to extracting protected information or algorithms. Potential indicators include electromagnetic radiation, energy consumption, the time required to perform certain functions, and memory use, among others. Security flaws can be rectified using patches, or by means of hardware with a fundamentally different design.
Sharing knowledge through a sitcomThe research team headed by Daniel Gruss of the TU Graz Institute of Applied Information Processing and Communications aims to make its in-depth knowledge of side channel attacks as accessible as possible to the largest possible audience - including through an e-learning course staged as an entertaining sitcom. The setting for this unusual teaching approach is a flat shared by a group of students who want to find out more about side channels. Together with course participants, they discover what side channels are, why they are so important for IT security, as well as how hackers think and how to stay one step ahead of them.
Alongside the Side Channel Security Basics courses previously released on the edX.org e-learning platform, two five-episode series of the new course, Side Channel Security - Caches and Physical Attacks, will be available from 23 August.
Side Channel Security Basics:
Side Channel Security: Developing a Side Channel Mindset (5 Episoden)
Introduction to Software Side Channels and Mitigations (5 Episoden)
New: Side Channel Security - Caches and Physical Attacks
Cache Side-Channel Attacks and Mitigations (5 episodes, start: 23 August 2022)
Physical and Advanced Side-Channel Attacks (5 episodes, start: 8 November 2022)
A preview: Season 1, Episode 1 "Side Channels Are Everywhere"
Participants can register via edX.org. The content is free of charge, and students can also obtain a certificate by completing an exercise at the end of the course. After finishing both courses, participants are awarded a Professional Certificate. All episodes also get online in time on the YouTube channel ,,Side Channel Security" .
"The programme isn’t just important for computer science students, it’s also aimed at software developers, as well as people who work with IT systems at companies, like administrators. We give them essential information that enables them to accurately gauge the security level of systems and software. Because there’s nothing more dangerous than a false sense of security," as Daniel Gruss explains.