Application-Specific Power Side-Channel Attacks and Countermeasures: A Survey

TL;DR

This survey comprehensively reviews power side-channel attacks across various application domains, highlighting recent attack methods and countermeasures beyond traditional cryptography, including machine learning and user data exploitation.

Contribution

It offers a detailed classification and comparison of recent power side-channel attacks tailored to diverse application-specific contexts, expanding beyond cryptographic focus.

Findings

Power side-channel attacks are now applied in machine learning and user data analysis.

Countermeasures vary significantly across different application domains.

Recent attacks demonstrate increased versatility and sophistication.

Abstract

Side-channel attacks try to extract secret information from a system by analyzing different side-channel signatures, such as power consumption, electromagnetic emanation, thermal dissipation, acoustics, time, etc. Power-based side-channel attack is one of the most prominent side-channel attacks in cybersecurity, which rely on data-dependent power variations in a system to extract sensitive information. While there are related surveys, they primarily focus on power side-channel attacks on cryptographic implementations. In recent years, power-side channel attacks have been explored in diverse application domains, including key extraction from cryptographic implementations, reverse engineering of machine learning models, user behavior data exploitation, and instruction-level disassembly. In this paper, we provide a comprehensive survey of power side-channel attacks and their countermeasures in different application domains. Specifically, this survey aims to classify recent power side-channel attacks and provide a comprehensive comparison based on application-specific considerations.