@inbook{790fd861c60e4acdaa7e3bf559d21e6d,
title = "An Investigation of Microarchitectural Cache-Based Side-Channel Attacks from a Digital Forensic Perspective: Methods of Exploits and Countermeasures",
abstract = "In the current, fast paced development of computer hardware, hardware manufacturers often focus on an expedited time to market paradigm or on maximum throughput. This inevitably leads to a number of unintentional hardware vulnerabilities. These vulnerabilities can be exploited to launch devastating hardware attacks and as a result compromise the privacy of end-users. Microarchitectural attacks—the exploit of the microarchitectural behaviour of modern computer systems, is an example of such a hardware attack, and also the central focus of this paper. This type of attack can exploit microarchitectural performance of processor implementations, which in turn can potentially expose hidden hardware states. Microarchitectural attacks compromise the security of computational environments even within advanced protection mechanisms such as virtualisation and sandboxes. In light of these security threats against modern computing hardware, a detailed survey of recent attacks that exploit microarchitectural elements in modern, shared computing hardware were performed from a Digital Forensic perspective. It is demonstrated that the CPU (central processing unit) is an attractive resource to be targeted by attackers, and show that adversaries could potentially use microarchitectural cache-based side-channel attacks to extract and analytically examine sensitive data from their victims. This study only focuses on cache-based attacks as opposed to other variants of side-channel attacks, which have a broad application range. The paper makes three major contributions to the body of knowledge: Firstly in terms of the broadness of the scope of the analysis and a detailed examination of the means by which the data is analysed for performing side channel attacks, secondly with regards to how novel uses of data can facilitate side channel attacks, and thirdly also in the provision of an agenda for directing future research.",
keywords = "Attacks, CPU vulnerabilities, Cache-based attacks, Countermeasures, Digital forensics, Digital investigation, Exploits, Microarchitectural analysis, Side channels",
author = "Reza Montasari and Bobby Tait and Hamid Jahankhani and Fiona Carroll",
note = "Publisher Copyright: {\textcopyright} 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG.",
year = "2022",
month = jan,
day = "1",
doi = "10.1007/978-3-030-88040-8_11",
language = "English",
isbn = "978-3-030-88042-2",
series = "Advanced Sciences and Technologies for Security Applications",
publisher = "Springer",
pages = "281--306",
booktitle = "Advanced Sciences and Technologies for Security Applications",
}