Survey of Access-Driven Cache-Based Side Channel Attack

In recent years, massive heterogeneous IoT (Internet of things) terminal devices carry the core functions, and they are easier to be the direct targets of attackers. Besides, more terminal devices and cloud platforms are suffering from cache-based side channel attacks. These attacks construct the fine-grained and the concealed cache side channel to extract sensitive data (such as encryption keys) from the target devices, which defeats the isolation mechanism. In this paper, we focus on access-driven cache-based side channel attack technology. Firstly, the fundamental principle and the current research status of cache-based side channel attack are present. Then, "Evict+Reload" attack, "Prime+Probe" attack and "Flush+Reload" attack, which belong to access-driven cache-based side channel attack, are described mainly. Especially, the attack principle, implementation process and attack effect are elaborated through theoretical analysis and experimental verification. After that, the characteristics and applications of the above three attacks are discussed, and the comparison results are given. Furthermore, the current challenges in LLC (last-level cache) attack and noise elimination are proposed. Finally, the future research directions are pointed out in the era of IoE (Internet of everything), in terms of the gradual change of the cache hierarchy, the massive data storage of the cloud platforms, and the widespread deployment of TEE (trusted execution environment) on physical devices.