Table of Contents
Fetching ...

Memory Under Siege: A Comprehensive Survey of Side-Channel Attacks on Memory

MD Mahady Hassan, Shanto Roy, Reza Rahaeimehr

TL;DR

Memory SCAM surveys address a growing threat from side-channel leaks in memory subsystems, including caches, DRAM, and page tables, across multi-tenant and embedded environments. The paper proposes a five-category taxonomy (Timing-Based Attacks, Access Pattern Attacks, Signal-Based Attacks, Fault Injection Attacks, and Resource Contention Attacks) and maps attacks to hardware targets and mitigation strategies. It analyzes representative techniques (Spectre/Meltdown, Rowhammer, SEA, PTEA, PAA, etc.) and discusses hardware and software defenses, highlighting trade-offs and gaps. The work aims to guide researchers and practitioners toward resilient designs and proactive defenses against evolving memory-based side channels.

Abstract

Side-channel attacks on memory (SCAM) exploit unintended data leaks from memory subsystems to infer sensitive information, posing significant threats to system security. These attacks exploit vulnerabilities in memory access patterns, cache behaviors, and other microarchitectural features to bypass traditional security measures. The purpose of this research is to examine SCAM, classify various attack techniques, and evaluate existing defense mechanisms. It guides researchers and industry professionals in improving memory security and mitigating emerging threats. We begin by identifying the major vulnerabilities in the memory system that are frequently exploited in SCAM, such as cache timing, speculative execution, \textit{Rowhammer}, and other sophisticated approaches. Next, we outline a comprehensive taxonomy that systematically classifies these attacks based on their types, target systems, attack vectors, and adversarial capabilities required to execute them. In addition, we review the current landscape of mitigation strategies, emphasizing their strengths and limitations. This work aims to provide a comprehensive overview of memory-based side-channel attacks with the goal of providing significant insights for researchers and practitioners to better understand, detect, and mitigate SCAM risks.

Memory Under Siege: A Comprehensive Survey of Side-Channel Attacks on Memory

TL;DR

Memory SCAM surveys address a growing threat from side-channel leaks in memory subsystems, including caches, DRAM, and page tables, across multi-tenant and embedded environments. The paper proposes a five-category taxonomy (Timing-Based Attacks, Access Pattern Attacks, Signal-Based Attacks, Fault Injection Attacks, and Resource Contention Attacks) and maps attacks to hardware targets and mitigation strategies. It analyzes representative techniques (Spectre/Meltdown, Rowhammer, SEA, PTEA, PAA, etc.) and discusses hardware and software defenses, highlighting trade-offs and gaps. The work aims to guide researchers and practitioners toward resilient designs and proactive defenses against evolving memory-based side channels.

Abstract

Side-channel attacks on memory (SCAM) exploit unintended data leaks from memory subsystems to infer sensitive information, posing significant threats to system security. These attacks exploit vulnerabilities in memory access patterns, cache behaviors, and other microarchitectural features to bypass traditional security measures. The purpose of this research is to examine SCAM, classify various attack techniques, and evaluate existing defense mechanisms. It guides researchers and industry professionals in improving memory security and mitigating emerging threats. We begin by identifying the major vulnerabilities in the memory system that are frequently exploited in SCAM, such as cache timing, speculative execution, \textit{Rowhammer}, and other sophisticated approaches. Next, we outline a comprehensive taxonomy that systematically classifies these attacks based on their types, target systems, attack vectors, and adversarial capabilities required to execute them. In addition, we review the current landscape of mitigation strategies, emphasizing their strengths and limitations. This work aims to provide a comprehensive overview of memory-based side-channel attacks with the goal of providing significant insights for researchers and practitioners to better understand, detect, and mitigate SCAM risks.
Paper Structure (46 sections, 1 figure, 6 tables)