An Investigation of Microarchitectural Cache-Based Side-Channel Attacks from a Digital Forensic Perspective: Methods of Exploits and Countermeasures

Reza Montasari*, Bobby Tait, Hamid Jahankhani, Fiona Carroll

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

Abstract

In the current, fast paced development of computer hardware, hardware manufacturers often focus on an expedited time to market paradigm or on maximum throughput. This inevitably leads to a number of unintentional hardware vulnerabilities. These vulnerabilities can be exploited to launch devastating hardware attacks and as a result compromise the privacy of end-users. Microarchitectural attacks—the exploit of the microarchitectural behaviour of modern computer systems, is an example of such a hardware attack, and also the central focus of this paper. This type of attack can exploit microarchitectural performance of processor implementations, which in turn can potentially expose hidden hardware states. Microarchitectural attacks compromise the security of computational environments even within advanced protection mechanisms such as virtualisation and sandboxes. In light of these security threats against modern computing hardware, a detailed survey of recent attacks that exploit microarchitectural elements in modern, shared computing hardware were performed from a Digital Forensic perspective. It is demonstrated that the CPU (central processing unit) is an attractive resource to be targeted by attackers, and show that adversaries could potentially use microarchitectural cache-based side-channel attacks to extract and analytically examine sensitive data from their victims. This study only focuses on cache-based attacks as opposed to other variants of side-channel attacks, which have a broad application range. The paper makes three major contributions to the body of knowledge: Firstly in terms of the broadness of the scope of the analysis and a detailed examination of the means by which the data is analysed for performing side channel attacks, secondly with regards to how novel uses of data can facilitate side channel attacks, and thirdly also in the provision of an agenda for directing future research.

Original languageEnglish
Title of host publicationAdvanced Sciences and Technologies for Security Applications
PublisherSpringer
Pages281-306
Number of pages26
ISBN (Electronic)978-3-030-88040-8
ISBN (Print)978-3-030-88042-2
DOIs
Publication statusPublished - 1 Jan 2022

Publication series

NameAdvanced Sciences and Technologies for Security Applications
ISSN (Print)1613-5113
ISSN (Electronic)2363-9466

Keywords

  • Attacks
  • CPU vulnerabilities
  • Cache-based attacks
  • Countermeasures
  • Digital forensics
  • Digital investigation
  • Exploits
  • Microarchitectural analysis
  • Side channels

Cite this