A Review of Blocking Side-Channel Threats in Parallel Cloud Systems

Year : 2025 | Volume : 12 | Issue : 02 | Page : 15 25
    By

    Yamuna Mundru,

  • Atti Manga Devi,

  • Manas Kumar Yogi,

  1. Assistant Professor, Department of Computer Science and Engineering (Artificial Intelligence and Machine Learning) (CSE-AI & ML), Pragati Engineering College (A), Surampalem, Andhra Pradesh, India
  2. Assistant Professor, Department of Information Technology, Pragati Engineering College (A), Surampalem, Andhra Pradesh, India
  3. Assistant Professor, Department of Computer Science and Engineering (CSE), Pragati Engineering College (A), Surampalem, Andhra Pradesh, India

Abstract

Side-channel attacks (SCAs) pose a critical security threat to parallel computing systems, particularly in shared cloud environments where multi-tenancy and resource contention create exploitable vulnerabilities. This study presents a comprehensive review of SCAs in parallel architectures, analyzing attack vectors such as cache-based exploits (e.g., Prime + Probe, Flush + Reload), timing attacks, power analysis, and network-based covert channels. We examine real-world cases including Spectre and Meltdown vulnerabilities that exposed fundamental flaws in speculative execution across modern CPUs, along with cloud-specific risks in virtualized environments. The study systematically evaluates detection methodologies, including machine learning-based anomaly detection, hardware performance counter (HPC) monitoring, and formal verification techniques for algorithmic resilience. We then assess mitigation strategies spanning hardware isolation (Intel SGX, AMD SEV), software obfuscation (noise injection), architectural enhancements (constant-time execution), and policy-based controls. Key challenges in balancing security with performance overhead are discussed, alongside emerging threats from quantum computing and distributed architectures. Our analysis reveals that while current defenses reduce attack surfaces, gaps remain in standardized benchmarking, cross-layer protection for heterogeneous systems, and scalable solutions for exascale computing. The study concludes with research directions advocating for: (1) hardware-software co-design to optimize security-performance tradeoffs, (2) quantum-resistant parallel architectures, and (3) unified evaluation frameworks for SCA resilience. This work provides practitioners and researchers with a structured understanding of SCA risks in parallel systems and a roadmap for developing next-generation secure computing infrastructures.

Keywords: Side-channel attacks (SCAs), parallel computing, cloud computing, vulnerabilities, cache, mitigation

[This article belongs to Recent Trends in Parallel Computing ]

How to cite this article:
Yamuna Mundru, Atti Manga Devi, Manas Kumar Yogi. A Review of Blocking Side-Channel Threats in Parallel Cloud Systems. Recent Trends in Parallel Computing. 2025; 12(02):15-25.
How to cite this URL:
Yamuna Mundru, Atti Manga Devi, Manas Kumar Yogi. A Review of Blocking Side-Channel Threats in Parallel Cloud Systems. Recent Trends in Parallel Computing. 2025; 12(02):15-25. Available from: https://journals.stmjournals.com/rtpc/article=2025/view=222214


References

  1. Abadi M, Blanchet B, Fournet C. Just fast keying in the pi calculus. ACM Trans Inf Syst Secur. 2007 Jul 1; 10(3): 9-es.
  2. Bernstein DJ. Cache-timing attacks on AES. Chicago, IL: The University of Illinois at Chicago; 2005. p.60607–7045. http://wistp2007.wistp.org/fileadmin/damiensauveron/Cours/M2/certification/ Attacks/TimingAttack/cachetiming-20050414.pdf
  3. Canella C, Van Bulck J, Schwarz M, Lipp M, Von Berg B, Ortner P, Piessens F, Evtyushkin D, Gruss D. A systematic evaluation of transient execution attacks and defenses. In 28th USENIX Security Symposium (USENIX Security 19). 2019; 249–266.
  4. Ge Q, Yarom Y, Cock D, Heiser G. A survey of microarchitectural timing attacks and countermeasures on contemporary hardware. J Cryptogr Eng. 2018 Apr; 8: 1–27.
  5. Gruss D, Maurice C, Mangard S. Rowhammer. js: A remote software-induced fault attack in javascript. In Detection of Intrusions and Malware, and Vulnerability Assessment: 13th International Conference, DIMVA 2016, San Sebastián, Spain, July 7–8, 2016, Proceedings 13. Cham: Springer International Publishing; 2016; 300–321.
  6. Kocher P, Horn J, Fogh A, Genkin D, Gruss D, Haas W, Hamburg M, Lipp M, Mangard S, Prescher T, Schwarz M. Spectre attacks: Exploiting speculative execution. Commun ACM. 2020 Jun 18; 63(7): 93–101.
  7. Lipp M, Schwarz M, Gruss D, Prescher T, Haas W, Horn J, Mangard S, Kocher P, Genkin D, Yarom Y, Hamburg M. Meltdown: Reading kernel memory from user space. Commun ACM. 2020 May 21; 63(6): 46–56.
  8. Osvik DA, Shamir A, Tromer E. Cache attacks and countermeasures: the case of AES. In Topics in Cryptology–CT-RSA 2006: The Cryptographers’ Track at the RSA Conference 2006, San Jose, CA, USA, February 13-17, 2005. Proceedings. Berlin Heidelberg: Springer; 2006; 1–20.
  9. Schwarz M, Lipp M, Moghimi D, Van Bulck J, Stecklina J, Prescher T, Gruss D. ZombieLoad: Cross-privilege-boundary data sampling. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 2019 Nov 6; 753–768.
  10. Van Bulck J, Minkin M, Weisse O, Genkin D, Kasikci B, Piessens F, Silberstein M, Wenisch TF, Yarom Y, Strackx R. Foreshadow: Extracting the keys to the intel {SGX} kingdom with transient {Out-of-Order} execution. In 27th USENIX Security Symposium (USENIX Security 18). 2018; 991–1008.
  11. Wang Z, Lee RB. Covert and side channels due to processor architecture. In 2006 IEEE 22nd Annual Computer Security Applications Conference (ACSAC’06). 2006 Dec 11; 473–482.
  12. Yarom Y, Falkner K. {FLUSH+ RELOAD}: A high resolution, low noise, l3 cache {Side-Channel} attack. In 23rd USENIX security symposium (USENIX security 14). 2014; 719–732.
  13. Zhang Y, Juels A, Reiter MK, Ristenpart T. Cross-tenant side-channel attacks in PaaS clouds. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. 2014 Nov 3; 990–1003.
  14. Intel. (2018). Analysis of Speculative Execution Side Channels. [Online]. Available from: https://www.intel.com/content/dam/www/public/us/en/documents/white-papers/analysis-of-speculative-execution-side-channels-white-paper.pdf
  15. AMD. (2025). AMD Secure Encrypted Virtualization (SEV). [Online]. Available from: https://www.amd.com/en/developer/sev.html
Regular Issue Subscription Review Article
Volume 12
Issue 02
Received 15/04/2025
Accepted 06/05/2025
Published 04/06/2025
Publication Time 50 Days
130

Login


My IP

PlumX Metrics