Cite this article
  • HUANG Yubiao, LI Peinan, QIAO Huan, HOU Rui. A Survey of Prefetch Side Channel Attack[J]. Journal of Cyber Security, Accepted
DOI:
Received: 2025-07-04  Revised: 2025-12-02
Funding: National Natural Science Foundation of China (General Program, Key Program, Major Program)
A Survey of Prefetch Side Channel Attack
HUANG Yubiao, LI Peinan, QIAO Huan, HOU Rui
(Institute of Information Engineering, Chinese Academy of Sciences)
Abstract:
As computer architecture continues to evolve, various microarchitectural optimization techniques have significantly improved system efficiency while introducing new security vulnerabilities. Prefetching mechanisms, as an essential performance enhancement technique in modern processors, predict and pre-load data into caches, effectively reducing memory access latency. However, recent research has revealed that prefetching mechanisms themselves are prone to security vulnerabilities. Attackers can exploit software prefetch instructions, hardware prefetcher operations, and prefetch patterns stored within prefetchers to execute side-channel attacks and steal sensitive user information. Prefetch Side-Channel Attacks (PSCAs) have thus become a research hotspot in the field of architectural security. The severity of PSCAs lies in their ability to bypass traditional security boundaries and permission checks, leaking information by merely observing microarchitectural behaviors. Such attacks impact not only mainstream x86 processors from Intel and AMD but also extend to architectures such as ARM and Apple, demonstrating a broad attack surface. In light of the current research landscape, this paper provides the first systematic review and analysis of existing research on PSCAs. The paper begins by introducing the fundamental principles of prefetching mechanisms, reviewing the development history of prefetching technology, and categorizing prefetchers along with their typical implementations. Subsequently, it conducts an in-depth analysis of the risk points inherent in prefetching mechanisms, uncovering the threats posed by PSCAs. Following this, the paper systematically explores different types of PSCAs, focusing on three primary attack approaches: those targeting prefetch instructions, prefetch operations, and prefetch patterns, with detailed explanations of their attack principles. 
Finally, the paper summarizes the current defense strategies against PSCAs and discusses future trends in the development of prefetch side-channel attack and defense techniques. This paper not only fills the gap in systematic research on PSCAs but also provides valuable theoretical insights and references for subsequent research in this domain.
Key words: processor security; prefetch instructions; prefetcher; microarchitectural attacks; side-channel attacks