An Investigation of Microarchitectural Cache-Based Side-Channel Attacks from a Digital Forensic Perspective: Methods of Exploits and Countermeasures

Reza Montasari*, Bobby Tait, Hamid Jahankhani, Fiona Carroll

*Awdur cyfatebol y gwaith hwn

Allbwn ymchwil: Pennod mewn Llyfr/Adroddiad/Trafodion CynhadleddPennodadolygiad gan gymheiriaid

Crynodeb

In the current, fast paced development of computer hardware, hardware manufacturers often focus on an expedited time to market paradigm or on maximum throughput. This inevitably leads to a number of unintentional hardware vulnerabilities. These vulnerabilities can be exploited to launch devastating hardware attacks and as a result compromise the privacy of end-users. Microarchitectural attacks—the exploit of the microarchitectural behaviour of modern computer systems, is an example of such a hardware attack, and also the central focus of this paper. This type of attack can exploit microarchitectural performance of processor implementations, which in turn can potentially expose hidden hardware states. Microarchitectural attacks compromise the security of computational environments even within advanced protection mechanisms such as virtualisation and sandboxes. In light of these security threats against modern computing hardware, a detailed survey of recent attacks that exploit microarchitectural elements in modern, shared computing hardware were performed from a Digital Forensic perspective. It is demonstrated that the CPU (central processing unit) is an attractive resource to be targeted by attackers, and show that adversaries could potentially use microarchitectural cache-based side-channel attacks to extract and analytically examine sensitive data from their victims. This study only focuses on cache-based attacks as opposed to other variants of side-channel attacks, which have a broad application range. The paper makes three major contributions to the body of knowledge: Firstly in terms of the broadness of the scope of the analysis and a detailed examination of the means by which the data is analysed for performing side channel attacks, secondly with regards to how novel uses of data can facilitate side channel attacks, and thirdly also in the provision of an agenda for directing future research.

Iaith wreiddiolSaesneg
TeitlAdvanced Sciences and Technologies for Security Applications
CyhoeddwrSpringer
Tudalennau281-306
Nifer y tudalennau26
ISBN (Electronig)978-3-030-88040-8
ISBN (Argraffiad)978-3-030-88042-2
Dynodwyr Gwrthrych Digidol (DOIs)
StatwsCyhoeddwyd - 1 Ion 2022

Cyfres gyhoeddiadau

EnwAdvanced Sciences and Technologies for Security Applications
ISSN (Argraffiad)1613-5113
ISSN (Electronig)2363-9466

Dyfynnu hyn