Analyzing Microarchitectural Side-Channel Attacks Using Open-source gem5 simulator
Microarchitectural side-channel attacks exploit subtle hardware behaviors, such as cache activity and instruction retirement patterns, to extract sensitive information. Understanding these attacks is essential for developing effective mitigations. However, real hardware imposes limitations on observability and experimental flexibility. The gem5 simulator, an open-source and highly extensible architectural simulator, provides a powerful environment for analyzing these attacks with fine-grained control over execution, memory access, and timing behaviors. In this presentation, I will demonstrate how gem5 can be used to evaluate side-channel vulnerabilities, focusing on attack scenarios such as Flush+Fault and Access-Retired attacks targeting the RISC-V architecture. By simulating both attack and non-attack conditions under controlled settings, gem5 enables precise identification of attack patterns. The resulting datasets can then be used to train machine learning (ML) models for classifying microarchitectural events with high accuracy. By leveraging gem5’s multi-ISA support, full-system simulation, and cycle-accurate modeling, researchers gain deeper insights into attack mechanisms, accelerate the prototyping of detection techniques, and design architectures resilient to both known and emerging side-channel threats. This approach not only enhances detection capabilities but also informs secure hardware-software co-design strategies.