According to the World Economic Forum, cyber attacks are considered as one of the most important sources of risk to companies and institutions worldwide. Attacks can target the network, software, and/or hardware. During the past years, much knowledge has been developed to understand and mitigate cyberattacks. However, new threats have appeared in recent years regarding software attacks that exploit hardware vulnerabilities. We define these attacks as architectural attacks. Today, both industry and academy have only limited comprehension of architectural attacks, which represents a critical issue for the design of future systems. To this end, this work proposes a new taxonomy, a new attack model, and a complete survey of existing architectural attacks. As a result, our study provides the tools to understand the Architectural Attacks deeply and start building better designs as well as protection mechanisms.
翻译:根据世界经济论坛,网络攻击被视为全世界公司和机构最重要的风险来源之一;攻击可以针对网络、软件和(或)硬件;在过去几年里,已经积累了大量知识来理解和减轻网络攻击;然而,近年来出现了利用硬件弱点的软件攻击的新威胁;我们将这些攻击定义为建筑攻击;今天,工业和学院对建筑攻击的理解有限,这是设计未来系统的一个关键问题;为此,这项工作提出了一个新的分类学、新的攻击模式和对现有建筑攻击的彻底调查;结果,我们的研究提供了深入理解建筑攻击并开始建立更好的设计和保护机制的工具。