Journal of Cryptologic Research (密码学报(中英文)), 2024, Vol. 11, Issue 6: 1199-1232, 34. DOI: 10.13868/j.cnki.jcr.000730
Survey of Attack Techniques for Microarchitecture Security Vulnerabilities
Abstract
As researchers discover more and more microarchitectural designs that are potential sources of information leakage, the study of related attack and defense techniques has also become a hot research topic in academia and industry. Therefore, this study systematically summarizes the attack techniques for microarchitecture security vulnerabilities that have been identified by researchers, from the perspective of processor microarchitecture design, including timing side-channel attacks, transient execution attacks, and covert-channel attacks. Based on this classification, the attack types, corresponding vulnerabilities, attack principles, and vulnerable security mechanisms of each class of microarchitecture attacks are analyzed and summarized in detail. Then, a directed acyclic graph (DAG) model is proposed to analyze the vulnerability of processor microarchitecture, based on the microarchitectural vulnerabilities and attack principles exploited by microarchitecture attacks. In this model, the operations in the attack flow are combined with the shared microarchitectural resources of the processor microarchitecture, and this method is used to model each class of microarchitecture attacks, which can provide a better understanding of the root cause and attack principle of microarchitecture attacks. In addition, the potential applications of the proposed DAG analysis model are investigated from the perspectives of vulnerability validation and defense analysis. A new microarchitecture attack is also found, and a cache timing side-channel defense strategy is introduced based on the proposed model. Finally, this study discusses future research directions and trends in the field of processor security from both attack and defense perspectives.
Keywords
processor security / microarchitecture design / side-channel attack / transient execution attack / covert-channel attack / system security
Classification
Information technology and security science
Cite this article
王泉成, 唐明. Survey of Attack Techniques for Microarchitecture Security Vulnerabilities [J]. Journal of Cryptologic Research (密码学报(中英文)), 2024, 11(6): 1199-1232, 34.
Funding
National Key Research and Development Program of China (2022YFB3103800)
National Natural Science Foundation of China (61972295)