Memory Under Siege: A Comprehensive Survey of Side-Channel Attacks on Memory

TL;DR

This paper provides a comprehensive survey of side-channel attacks on memory, classifying attack techniques, analyzing vulnerabilities, and reviewing mitigation strategies to enhance memory security.

Contribution

It offers a systematic taxonomy of memory side-channel attacks and evaluates existing defenses, aiding researchers and industry in improving security measures.

Findings

Identifies major vulnerabilities like cache timing and Rowhammer.

Classifies attacks based on type, target, and adversarial capabilities.

Reviews strengths and limitations of current mitigation strategies.

Abstract

Side-channel attacks on memory (SCAM) exploit unintended data leaks from memory subsystems to infer sensitive information, posing significant threats to system security. These attacks exploit vulnerabilities in memory access patterns, cache behaviors, and other microarchitectural features to bypass traditional security measures. The purpose of this research is to examine SCAM, classify various attack techniques, and evaluate existing defense mechanisms. It guides researchers and industry professionals in improving memory security and mitigating emerging threats. We begin by identifying the major vulnerabilities in the memory system that are frequently exploited in SCAM, such as cache timing, speculative execution, \textit{Rowhammer}, and other sophisticated approaches. Next, we outline a comprehensive taxonomy that systematically classifies these attacks based on their types, target systems, attack vectors, and adversarial capabilities required to execute them. In addition, we review the current landscape of mitigation strategies, emphasizing their strengths and limitations. This work aims to provide a comprehensive overview of memory-based side-channel attacks with the goal of providing significant insights for researchers and practitioners to better understand, detect, and mitigate SCAM risks.