Title: Hardware-based cyber threats: attack vectors and defence techniques

Authors: Reza Montasari; Richard Hill; Simon Parkinson; Alireza Daneshkhah; Amin Hosseinian-Far

Addresses: Department of Computer Science, School of Computing and Engineering, University of Huddersfield, Queensgate, HD1 3DH, UK ' Department of Computer Science, School of Computing and Engineering, University of Huddersfield, Queensgate, HD1 3DH, UK ' Department of Computer Science, School of Computing and Engineering, University of Huddersfield, Queensgate, HD1 3DH, UK ' School of Computing, Electronics and Maths, Coventry University, UK ' University of Northampton, Waterside Campus, University Drive, Northampton, NN1 5PH, UK

Abstract: There are certain vulnerabilities associated with computing hardware that attackers can exploit to launch destructive attacks which often go undetected by the existing hardware and software countermeasures. Side channel attacks (SCAs) and Rowhammer attacks (RHAs), the consequences of hardware vulnerabilities, pose significant security and privacy threats to self-contained computing components and their end-users respectively. Such attacks compromise the security of computational environments, even those with advanced protection mechanisms such as virtualisation, sandboxes or robust encryptions. In light of these security threats against modern computing hardware, we perform an analysis overview of the modi operandi of SCAs and RHAs in hardware implementation and techniques that can be used to extract sensitive data such as secret keys. We then propose various countermeasures to safeguard against these attacks.

Keywords: side channels; microarchitectural attacks; cyber threats; hardware attacks; embedded systems; digital investigations; countermeasures.

DOI: 10.1504/IJESDF.2020.110675

International Journal of Electronic Security and Digital Forensics, 2020 Vol.12 No.4, pp.397 - 411

Received: 23 Sep 2019
Accepted: 31 Oct 2019

Published online: 27 Oct 2020 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article