Timing Side-channel Attacks and Countermeasures in CPU Microarchitectures-Reference-Cited by-同舟云学术

Timing Side-channel Attacks and Countermeasures in CPU Microarchitectures

Published:2024-04-09 Issue:7 Volume:56 Page:1-40
ISSN:0360-0300
Container-title:ACM Computing Surveys
language:en
Short-container-title:ACM Comput. Surv.

Author:

Zhang Jiliang¹^ORCID,Chen Congcong¹^ORCID,Cui Jinhua¹^ORCID,Li Keqin²^ORCID

Affiliation:

1. Hunan University, Changsha, China

2. State University of New York, New York, USA

Abstract

Microarchitectural vulnerabilities, such as Meltdown and Spectre, exploit subtle microarchitecture state to steal the user’s secret data and even compromise the operating systems. In recent years, considerable discussion lies in understanding the attack-defense mechanisms and exploitability of such vulnerabilities. Unfortunately, there have been few investigations into a systematic elaboration of threat models, attack scenarios and requirements, and defense targets of the resulting attacks. In this article, we fill this gap and make the following contributions. We first propose two sets of taxonomies for classifying microarchitectural timing side-channel attacks and their countermeasures according to various attack conditions. Based on the taxonomies proposed, we then review published attacks and existing defenses and systematically analyze their internals. In particular, we also provide a comprehensive analysis of the similarities and differences among those attacks, uncovering the corresponding practicality and severity by identifying the attack targets/platforms and the security boundaries that can be bypassed to reveal information. We further examine the scalability of those defenses through specifying expected defense goals and costs. We also discuss corresponding detection methods based on different classifications. Finally, we propose several key challenges of existing countermeasures and the attack trends, and discuss directions for future research.

Funder

National Natural Science Foundation of China

Science and Technology Innovation Program of Hunan Province

Natural Science Foundation of Hunan Province

Natural Science Foundation of Changsha City

Fundamental Research Funds for the Central Universities

Research Foundation of Education Bureau of Hunan Province

Publisher

Association for Computing Machinery (ACM)

Link

https://dl.acm.org/doi/pdf/10.1145/3645109

Reference186 articles.

1. Onur Acıiçmez, Billy Bob Brumley, and Philipp Grabher. 2010. New results on instruction cache attacks. In CHES, 110–124.

2. Jaeguk Ahn, Jiho Kim, Hans Kasan, Leila Delshadtehrani, Wonjun Song, Ajay Joshi, and John Kim. 2021. Network-on-chip microarchitecture-based covert channel in gpus. In MICRO, 565–577.

3. Sam Ainsworth. 2021. GhostMinion: A strictness-ordered cache system for spectre mitigation. In MICRO, 592–606.

4. Samira Mirbagher Ajorpaz, Daniel Moghimi, Jeffrey Neal Collins, Gilles Pokam, Nael Abu-Ghazaleh, and Dean Tullsen. 2022. EVAX: Towards a practical, pro-active & adaptive architecture for high performance & security. In MICRO, 1218–1236.

5. Alejandro Cabrera Aldaya, Billy Bob Brumley, Sohaib ul Hassan, Cesar Pereida García, and Nicola Tuveri. 2019. Port contention for fun and profit. In S&P, 870–887.

Cited by 4 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. A Survey of of Side-Channel Attacks and Mitigation for Processor Interconnects;Applied Sciences;2024-07-31

2. GFLE: a low-energy lightweight block cipher based on a variant of generalized Feistel structure;Physica Scripta;2024-07-25

3. To (US)Be or Not to (US)Be: Discovering Malicious USB Peripherals through Neural Network-Driven Power Analysis;Electronics;2024-05-29

4. Write+Sync: Software Cache Write Covert Channels Exploiting Memory-Disk Synchronization;IEEE Transactions on Information Forensics and Security;2024