Innokenty Sennovsky

Reverse Engineering Specialist, BI.ZONE

About speaker

Graduated from NRNU MEPhI with a degree in Information Security. Currently work at BI.Zone as a Reverse Engineering Specialist. Member of LC\BC CTF team. Discovered Spectre Variant 3a in Intel CPUs.
My primary interests lie in the fields of applied cryptography, reverse engineering and side channel attacks.
November 15
15:00 — 16:00
Main Track
There have been several Speculative Execution vulnerabilities allowing to read privileged data from kernel mode, as well as other processes and even hypervisors. However, there are several more ways in which speculative execution can be leveraged by adversaries.  I have discovered one such technique, which allows the attacker on the system to get information allowing them to evade detection by modern sandboxes and AV software. This technique led to the discovery of Spectre Variant 3a virtualization detection vulnerability in Intel CPUs but can also be used in a few more ways. In this talk I'll explain the principles behind speculative execution vulnerabilities and talk about the detector technique.