The Hacker News SANS Stormcast

Security Week Cyber Safe

Why is it called DABANGG? How is DABANGG different from the standard flush attacks?

DABANGG is a Hindi word, meaning “fearless”. In general Flush based attacks lose their effectiveness on a noisy system environment. It turns out the processor frequency controlled by the DVFS is the culprit. DABANGG is conscious of processor frequency and hence resilient to system noise.

What is DVFS?

DVFS stands for dynamic voltage and frequency scaling. To improve the power/performance tradeoff, DVFS controller controls the voltage and frequency (clock rate). As cache timing attacks rely on latency numbers which are dependent on the clock rate. It is necessary to make the cache attacks aware of DVFS effects.

Is this related to the CLKScrew attack?

No. CLKScrew is a fault based attack whereas DABANGG is a timing channel attack.

Can DABANGG improve the effectiveness of attacks like Spectre?

Yes, as Spectre uses a cache covert channel.

Is the source code available?

A Github link will be up by June 15 2020. Stay tuned.

Does it work only on Intel processors?

No, it works seamlessly with AMD processors too.

Does it work with non-Linux OS?

Yes, it works with the macOS too.

How can I contact you?

For any queries related to DABANGG, you can reach us via anishs@iitk.ac.in and biswap@cse.iitk.ac.in You can reach us through our Twitter and LinkedIn handles too.