@inproceedings{85575f8f5c814715bb9f097331b42874,
title = "Identifying Microbenchmark Signatures of Existing Microarchitectural Exploits Using the Unified Side Channel Attack - Model (USCA-M) Four-Phase Testing Process",
abstract = "This paper presents the Unified Side Channel Attack – Model (USCA-M) four-phase testing process that can been used to represent microbenchmark signatures of microarchitecture exploits. The microbenchmark signatures have been created from generated hardware performance counter (HPC) events from the critical code components at assembly level on an Intel Core i7 CPU. Identifying critical components from the thousands of lines of assembly code from the various exploit proof of concepts (POCs) was a key factor, otherwise it would render the POCs unsuccessful. The USCA-M four-phase testing process includes exploit placement into a USCA-M matrix, testing, verification, and validation. This four-phase testing process enabled identification of the critical components used within the exploit and at a low-level catch the HPC events that were represented as microbenchmark signatures. The use of microarchitectural exploits as the design benchmark served three purposes. Firstly, demonstrations of microarchitectural based attacks are published alongside open source POCs and exploit code. Secondly, using exploit code minimizes the need for complex test bed set up and expensive equipment required for other SCA type analysis. Lastly, there is a broad range of open-source resources available that could be used tools for exploit code analysis. The use of the USCA-M four-phased testing process provides a uniform categorization of exploits and the signatures generated could be used in intrusion detection systems to identify microarchitectural-based malicious code.",
keywords = "Microarchitecture, Codes, Digital forensics, Intrusion detection, Side-channel attacks, Benchmark testing, Malware",
author = "Richard Ward and Andrew Johnson",
year = "2023",
month = may,
day = "26",
doi = "10.1109/ISDFS58141.2023.10131863",
language = "English",
series = "2023 11th International Symposium on Digital Forensics and Security (ISDFS)",
publisher = "Institute of Electrical and Electronics Engineers",
pages = "1--5",
editor = "Asaf Varol and Murat Karabatak and Cihan Varol and Ahad Nasab",
booktitle = "11th International Symposium on Digital Forensics and Security (ISDFS)",
note = "2023 11th International Symposium on Digital Forensics and Security (ISDFS) ; Conference date: 11-05-2023 Through 12-05-2023",
}