Title:

Side Channels in Web Environments: From Microarchitectural Attacks to Developer-Centric Countermeasures

 

Abstract:

Side channels are unintended sources of information leakage from a system that may be exploited to infer otherwise hidden and sensitive information. Due to the their practical relevance in modern computing systems, their accessibility to attackers, and the extensive research they have attracted over the past two decades, we focus on microarchitectural side channels, which rely on observable effects caused by shared hardware resources and processor performance optimizations. 
The two decades sustained research effort on this topic has produced a vast literature describing new attack techniques, vulnerabilities, and mitigations, often evaluated using diverse methodologies and metrics. Despite these advances, the practical adoption of side-channel analysis tools by developers remains limited. In parallel, the rise of LLM-based bots is creating new threats for websites and online services and raising questions about the effectiveness of existing defenses. In this presentation we addresses these challenges through three complementary contributions addressing challenges related to attack benchmarking practices, vulnerability detection, and fingerprinting-based anti-bot mechanisms.

 

Speaker:

Iliana Fayolle

Inria Center
University of Lille