Avoiding, Preventing, and Mitigating CPU-based Side Channel Attacks: A Best Practice Guide

  • Thomas Harris

    Student thesis: Master's Thesis


    The aim of this project is to perform extensive research on a variety of side-channel attacks, their effects, and how they are mitigated. Using this large pool of information, the attacks and their mitigation techniques will then be further explained using existing (secondary) and email/conversational based interviews with others (primary). Furthermore, there will be primary resources created for this project, in the form of a guide and interactive tutorial which allow academics (students, lecturers, and researchers) to broaden their knowledge on side-channel attacks and their mitigation techniques. The guide will be in a written format which is available online within both a GitHub repository and on a website that is also hosted on GitHub. Alongside this guide will be an interactive tutorial created using one of many available tools to provide a range of effective learning for the target audience.

    The purpose of this project is to gather existing research on various CPU-based side-channel attacks and their mitigation strategies into a single source (referred to as a Best Practice Guide, or BPG). This source will be created as the deliverable for this project and will be suited towards academia to be used as a teaching aid. The BPG will contain a variety of both secondary (peer reviewed articles and journals) and primary sources (contact with researchers within the field). The BPG will be distributed in several ways, physically as a paper copy to allow hands on and portable use, online hosted on a previously constructed website to allow access at all times (internet access willing), and in an interactive format using a popular learning service called ‘TryHackMe’. This allows the creation of rooms that can be used to teach a particular cyber security technique or software. Using TryHackMe, a room will be created with brief information on side-channels attacks in general, with more readily available sub-tutorials on a specific attack (Spectre or one of its variants). Using these, users would learn the workings of a side-channel attack from the safety of a sandboxed and isolated VM that accompanies the room. There will be various objectives and ‘quests’ for users to fulfil that move forward with the end goal of embedding an understanding of side-channel attacks in a practical sense.

    The predicted conclusion of this project will be a fully finished and comprehensive report and BPG on five CPUd side-channel attacks and their mitigation techniques. The BPG being an effective teaching aid and referenceable document for future research. Furthermore, the BPG will have several forms to allow different individuals and academia (lecturers, students, researchers) to have access should they be offline, online, or away from their PC/laptop.
    Date of Award2022
    Original languageEnglish
    SupervisorRichard Ward (Supervisor) & Peter Eden (Supervisor)

    Cite this