TU Graz’s cybersecurity specialists regularly make people sit up and take notice with reports of newly discovered openings for attacks on established computer systems – most recently, details of ÆpicLeak and SQUIP were released, while the Meltdown and Spectre vulnerabilities caused an international stir in 2019.
The majority of these cyberattacks are complex side channel attacks that are difficult to prevent. Here, algorithms and data are not targeted directly. Instead, physical or logical side effects are observed and analysed, with a view to extracting protected information or algorithms. Potential indicators include electromagnetic radiation, energy consumption, the time required to perform certain functions, and memory use, among others. Security flaws can be rectified using patches, or by means of hardware with a fundamentally different design.
Sharing knowledge through a sitcom
The research team headed by Daniel Gruss of the TU Graz Institute of Applied Information Processing and Communications aims to make its in-depth knowledge of side channel attacks as accessible as possible to the largest possible audience – including through an e-learning course staged as an entertaining sitcom. The setting for this unusual teaching approach is a flat shared by a group of students who want to find out more about side channels. Together with course participants, they discover what side channels are, why they are so important for IT security, as well as how hackers think and how to stay one step ahead of them.
Alongside the Side Channel Security Basics courses previously released on the edX.org e-learning platform, two five-episode series of the new course, Side Channel Security – Caches and Physical Attacks, will be available from 23 August. All episodes also get online in time on the YouTube channel „Side Channel Security“.
- Side Channel Security Basics:
Side Channel Security: Developing a Side Channel Mindset (5 episodes)
Introduction to Software Side Channels and Mitigations (5 episodes)
- NEW: Side Channel Security – Caches and Physical Attacks
Cache Side-Channel Attacks and Mitigations (5 episodes, starts 23 August 2022)
Physical and Advanced Side-Channel Attacks (5 episodes, starts 8 November 2022)
Participants can register via edX.org. The content is free of charge, and students can also obtain a certificate by completing an exercise at the end of the course. After finishing both courses, participants are awarded a Professional Certificate.
“The programme isn’t just important for computer science students, it’s also aimed at software developers, as well as people who work with IT systems at companies, like administrators. We give them essential information that enables them to accurately gauge the security level of systems and software. Because there’s nothing more dangerous than a false sense of security,” as Daniel Gruss explains.
Side Channel Security Sitcom - Trailer: https://www.youtube.com/watch?v=ktKt6AgYdkU
TU Graz courses on the edX e-learning platform
TU Graz began staging cybersecurity and electronics courses on the global e-learning platform edX.org in March 2022 (Overview of all courses of TU Graz). edX’s 42 million users can choose from more than 3,600 courses on a range of subjects, provided by partners including Harvard, MIT, ETH Zurich and the Technical University of Munich. TU Graz launched its collaboration with edX.org under the university’s strategic Digital TU Graz project, as part of the Third Mission action area that focuses on knowledge transfer to society and businesses. For more info, see the news story on the partnership launch: Online Learning: TU Graz Courses on edX.org.