{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,20]],"date-time":"2026-04-20T10:26:33Z","timestamp":1776680793298,"version":"3.51.2"},"reference-count":237,"publisher":"Association for Computing Machinery (ACM)","issue":"7","license":[{"start":{"date-parts":[[2022,12,15]],"date-time":"2022-12-15T00:00:00Z","timestamp":1671062400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"National Science Foundation","award":["CNS-2053383, CNS-2130978, and CNS-1955650"],"award-info":[{"award-number":["CNS-2053383, CNS-2130978, and CNS-1955650"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2023,7,31]]},"abstract":"<jats:p>With the increasing proliferation of hardware accelerators and the predicted continued increase in the heterogeneity of future computing systems, it is necessary to understand the security properties of such systems. In this survey article, we consider the security of heterogeneous systems against microarchitectural attacks, with a focus on covert- and side-channel attacks, as well as fault injection attacks. We review works that have explored the vulnerability of the individual accelerators (such as Graphical Processing Units, GPUs, and Field Programmable Gate Arrays, FPGAs) against these attacks, as well as efforts to mitigate them. We also consider the vulnerability of other components within a heterogeneous system such as the interconnect and memory component. We believe that this survey is especially timely, as new accelerators and heterogeneous systems are being designed such that these designs understand the security threats and develop systems that are not only performant but also secure.<\/jats:p>","DOI":"10.1145\/3544102","type":"journal-article","created":{"date-parts":[[2022,6,15]],"date-time":"2022-06-15T12:23:29Z","timestamp":1655295809000},"page":"1-40","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["Microarchitectural Attacks in Heterogeneous Systems: A Survey"],"prefix":"10.1145","volume":"55","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0468-3032","authenticated-orcid":false,"given":"Hoda","family":"Naghibijouybari","sequence":"first","affiliation":[{"name":"Binghamton University, Binghamton, NY, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6584-9086","authenticated-orcid":false,"given":"Esmaeil Mohammadian","family":"Koruyeh","sequence":"additional","affiliation":[{"name":"University of California Riverside, Riverside, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9485-5370","authenticated-orcid":false,"given":"Nael","family":"Abu-Ghazaleh","sequence":"additional","affiliation":[{"name":"University of California Riverside, Riverside, USA"}]}],"member":"320","published-online":{"date-parts":[[2022,12,15]]},"reference":[{"key":"e_1_3_1_2_2","unstructured":"Google. 2015. Chromium:window.performance.now does not support sub-millisecond precision on Windows. Retrieved from https:\/\/bugs.chromium.org\/p\/chromium\/issues\/detail?id=158234#c110."},{"key":"e_1_3_1_3_2","unstructured":"Intel. 2015. Intel and Micron Produce Breakthrough Memory Technology. Retrieved from https:\/\/newsroom.intel.com\/news-releases\/intel-and-micron-produce-breakthrough-memory-technology\/#gs.5irpfz."},{"key":"e_1_3_1_4_2","unstructured":"Nvidia. 2016. GRID VIRTUAL GPU. Technical Report. Nvidia. Retrieved from https:\/\/docs.nvidia.com\/grid\/latest\/grid-vgpu-user-guide\/index.html."},{"key":"e_1_3_1_5_2","unstructured":"AMD. 2016. Whitepaper: AMD Multiuser GPU: Hardware-enabled GPU Virtualization for a TrueWorkstation Experience. Technical Report."},{"key":"e_1_3_1_6_2","unstructured":"Luke Wagner. 2018. Mitigations landing for new class of timing attack. Retrieved from https:\/\/blog.mozilla.org\/security\/2018\/01\/03\/mitigations-landing-new-class-timing-attack\/."},{"key":"e_1_3_1_7_2","unstructured":"Nvidia. 2019. Security Notice. Retrieved from https:\/\/nvidia.custhelp.com\/app\/answers\/detail\/a_id\/4738."},{"key":"e_1_3_1_8_2","unstructured":"Dzmitry Malyshau. 2021. WebGPU Implementation Status. Retrieved from https:\/\/github.com\/gpuweb\/gpuweb\/wiki\/Implementation-Status."},{"key":"e_1_3_1_9_2","unstructured":"Gary Hilson. 2018. Adesto Touts ReRAM for Automotive. Retrieved from https:\/\/www.eetimes.com\/adesto-touts-reram-for-automotive\/."},{"key":"e_1_3_1_10_2","unstructured":"Alibaba. 2021. Super Computing Cluster. Retrieved from https:\/\/www.alibabacloud.com\/product\/scc."},{"key":"e_1_3_1_11_2","unstructured":"Alibaba. 2021. FPGA-based compute-optimized instance families. Retrieved from https:\/\/www.alibabacloud.com\/help\/doc-detail\/108504.html."},{"key":"e_1_3_1_12_2","unstructured":"Arm. 2021. Arm Ethos-N series processors. Retrieved from https:\/\/developer.arm.com\/ip-products\/processors\/machine-learning\/arm-ethos-n."},{"key":"e_1_3_1_13_2","unstructured":"Everspin Technologies. 2015. Automotive Temperature Range MRAM. Retrieved from https:\/\/www.everspin.com\/file\/882\/download."},{"key":"e_1_3_1_14_2","unstructured":"IEEE Computer Society. 2021. Developing Heterogeneous Cache Coherent SoCs\u2014and More! Retrieved from https:\/\/www.computer.org\/publications\/tech-news\/heterogeneous-system-architecture\/developing-heterogeneous-cache-coherent-socs-and-more."},{"key":"e_1_3_1_15_2","unstructured":"Infineon. 2021. Ferroelectric RAM(FeRAM) - Instant non-volatile memory. Retrieved from https:\/\/www.cypress.com\/products\/f-ram-nonvolatile-ferroelectric-ram."},{"key":"e_1_3_1_16_2","unstructured":"Mark Russinovich. 2017. Inside the Microsoft FPGA-based configurable cloud. Retrieved from https:\/\/www.slideshare.net\/insideHPC\/inside-microsofts-fpgabased-configurable-cloud."},{"key":"e_1_3_1_17_2","unstructured":"Intel. 2021. Intel Data Direct I\/O Technology. Retrieved from https:\/\/www.intel.com\/content\/www\/us\/en\/io\/data-direct-i-o-technology.html."},{"key":"e_1_3_1_18_2","unstructured":"Nvidia. 2021. Developing a Linux Kernel Module using GPUDirect RDMA. Retrieved from https:\/\/docs.nvidia.com\/cuda\/gpudirect-rdma\/index.html."},{"key":"e_1_3_1_19_2","unstructured":"Nvidia. 2021. NVIDIA DGX-2. Retrieved from https:\/\/www.nvidia.com\/en-us\/data-center\/dgx-2\/."},{"key":"e_1_3_1_20_2","unstructured":"Nvidia. 2021. Nvidia GPUDirect. Retrieved from https:\/\/developer.nvidia.com\/gpudirect."},{"key":"e_1_3_1_21_2","unstructured":"NVM Express. 2021. NVM Express Moves into The Future. Retrieved from https:\/\/nvmexpress.org\/wp-content\/uploads\/NVMe_Over_Fabrics.pdf."},{"key":"e_1_3_1_22_2","unstructured":"Intel. 2021. Optane\u2122PMem. Retrieved from https:\/\/www.intel.com\/content\/www\/us\/en\/architecture-and-technology\/optane-dc-persistent-memory.html."},{"key":"e_1_3_1_23_2","unstructured":"Arm. 2021. Security on ARM Trustzone. Retrieved from https:\/\/www.arm.com\/products\/security-on-arm\/trustzone."},{"key":"e_1_3_1_24_2","unstructured":"Arm. 2021. The Arm CoreLink CCI-550 Cache Coherent Interconnect. Retrieved from https:\/\/www.arm.com\/products\/silicon-ip-system\/corelink-interconnect\/cci-550."},{"key":"e_1_3_1_25_2","unstructured":"Nvidia. 2021. CUDA. Retrieved from https:\/\/developer.nvidia.com\/cuda-zone\/."},{"key":"e_1_3_1_26_2","unstructured":"Nvidia. 2021. MPS. Retrieved from https:\/\/docs.nvidia.com\/deploy\/mps\/index.html."},{"key":"e_1_3_1_27_2","unstructured":"NVIDIA. 2021. NVIDIA V100 TENSOR CORE GPU. Technical Report. Retrieved from https:\/\/www.nvidia.com\/en-us\/data-center\/v100\/."},{"key":"e_1_3_1_28_2","unstructured":"Khronos Group. 2021. OpenCL Overview. Retrieved from https:\/\/www.khronos.org\/opencl\/."},{"key":"e_1_3_1_29_2","unstructured":"Khronos Group. 2021. OpenCL Overview. Retrieved from https:\/\/www.khronos.org\/opengles\/."},{"key":"e_1_3_1_30_2","unstructured":"Khronos Group. 2021. OpenGL Overview. Retrieved from https:\/\/www.khronos.org\/opengl\/."},{"key":"e_1_3_1_31_2","unstructured":"Khronos Group. 2021. Vulkan Overview. Retrieved from https:\/\/www.khronos.org\/vulkan\/."},{"key":"e_1_3_1_32_2","unstructured":"Khronos Group. 2021. OpenGL ES. Retrieved from https:\/\/www.khronos.org\/webgl\/."},{"key":"e_1_3_1_33_2","unstructured":"Khronos Group. 2021. WebGL Security. https:\/\/www.khronos.org\/webgl\/security\/ Retrieved from https:\/\/www.khronos.org\/webgl\/security\/."},{"key":"e_1_3_1_34_2","doi-asserted-by":"publisher","DOI":"10.1145\/2872887.2750386"},{"key":"e_1_3_1_35_2","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA51647.2021.00036"},{"key":"e_1_3_1_36_2","doi-asserted-by":"publisher","DOI":"10.1145\/3466752.3480093"},{"key":"e_1_3_1_37_2","unstructured":"Amazon AWS. 2019. Amazon Elastic Graphics. Retrieved from https:\/\/aws.amazon.com\/ec2\/Elastic-GPUs\/."},{"key":"e_1_3_1_38_2","unstructured":"AMD. 2021. CoreLink Cache Coherent Interconnect Family. Retrieved from https:\/\/developer.arm.com\/ip-products\/system-ip\/corelink-interconnect\/corelink-cache-coherent-interconnect-family."},{"key":"e_1_3_1_39_2","doi-asserted-by":"publisher","DOI":"10.1145\/3297858.3304049"},{"key":"e_1_3_1_40_2","doi-asserted-by":"publisher","DOI":"10.1145\/3061639.3062311"},{"key":"e_1_3_1_41_2","unstructured":"ARM. 2021. CoreLink Cache Coherent Interconnect Family. Retrieved from https:\/\/developer.arm.com\/ip-products\/system-ip\/corelink-interconnect\/corelink-cache-coherent-interconnect-family."},{"key":"e_1_3_1_42_2","first-page":"249","volume-title":"28th USENIX Security Symposium (USENIX Security\u201919)","author":"Canella Claudio","year":"2019","unstructured":"Claudio Canella, Jo Van Bulck, Michael Schwarz, Moritz Lipp, Benjamin von Berg, Philipp Ortner, Frank Piessens, Dmitry Evtyushkin, and Daniel Gruss. 2019. A systematic evaluation of transient execution attacks and defenses. In 28th USENIX Security Symposium (USENIX Security\u201919). USENIX Association, 249\u2013266. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/canella."},{"key":"e_1_3_1_43_2","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363219"},{"key":"e_1_3_1_44_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-010-9083-9"},{"key":"e_1_3_1_45_2","volume-title":"Network and Distributed System Security Symposium","author":"Cao Yinzhi","year":"2017","unstructured":"Yinzhi Cao, Song Li, and Erik Wijmans. 2017. (Cross-)browser fingerprinting via OS and hardware level features. In Network and Distributed System Security Symposium."},{"key":"e_1_3_1_46_2","article-title":"Arch2030: A vision of computer architecture research over the next 15 Years","volume":"1612","author":"Ceze Luis","year":"2016","unstructured":"Luis Ceze, Mark Hill, and Thomas Wenisch. 2016. Arch2030: A vision of computer architecture research over the next 15 Years. ArXiv abs\/1612.03182 (2016).","journal-title":"ArXiv"},{"key":"e_1_3_1_47_2","doi-asserted-by":"publisher","DOI":"10.1109\/HST.2017.7951835"},{"key":"e_1_3_1_48_2","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2014.42"},{"key":"e_1_3_1_49_2","doi-asserted-by":"publisher","DOI":"10.1145\/2654822.2541967"},{"key":"e_1_3_1_50_2","doi-asserted-by":"publisher","DOI":"10.1109\/PACT.2011.21"},{"key":"e_1_3_1_51_2","unstructured":"Alex Christensen. 2015. Reduce resolution of performance.now. Retrieved from https:\/\/bugs.webkit.org\/show_bug.cgi?id=146531."},{"key":"e_1_3_1_52_2","doi-asserted-by":"publisher","DOI":"10.1145\/3361682"},{"key":"e_1_3_1_53_2","first-page":"1001","volume-title":"30th USENIX Security Symposium (USENIX Security\u201921)","author":"Ridder Finn de","year":"2021","unstructured":"Finn de Ridder, Pietro Frigo, Emanuele Vannacci, Herbert Bos, Cristiano Giuffrida, and Kaveh Razavi. 2021. SMASH: Synchronized many-sided Rowhammer attacks from JavaScript. In 30th USENIX Security Symposium (USENIX Security\u201921). USENIX Association, 1001\u20131018. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/ridder."},{"key":"e_1_3_1_54_2","volume-title":"International Symposium on Computer Architecture (ISCA)","author":"Demme John","year":"2013","unstructured":"John Demme, Matthew Maycock, Jared Schmitz, Adrian Tang, Adam Waksman, Simha Sethumadhavan, and Salvatore Stolfo. 2013. On the feasibility of online malware detection with performance counters. In International Symposium on Computer Architecture (ISCA)."},{"key":"e_1_3_1_55_2","doi-asserted-by":"publisher","DOI":"10.1109\/JSSC.1974.1050511"},{"key":"e_1_3_1_56_2","doi-asserted-by":"publisher","DOI":"10.1145\/2086696.2086714"},{"key":"e_1_3_1_57_2","volume-title":"International Symposium on Computer Architecture (ISCA)","author":"Dutta Sankha B.","year":"2021","unstructured":"Sankha B. Dutta, Hoda Naghibijouybari, Nael Abu-Ghazaleh, Andres Marquez, and Kevin Barker. 2021. Leaky buddies: Cross-component covert channels on integrated CPU-GPU systems. In International Symposium on Computer Architecture (ISCA)."},{"key":"e_1_3_1_58_2","first-page":"365","volume-title":"38th Annual International Symposium on Computer Architecture (ISCA)","author":"Esmaeilzadeh Hadi","year":"2011","unstructured":"Hadi Esmaeilzadeh, Emily Blem, Ren\u00e9e St. Amant, Karthikeyan Sankaralingam, and Doug Burger. 2011. Dark silicon and the end of multicore scaling. In 38th Annual International Symposium on Computer Architecture (ISCA). 365\u2013376."},{"key":"e_1_3_1_59_2","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978374"},{"key":"e_1_3_1_60_2","doi-asserted-by":"publisher","DOI":"10.1145\/2870636"},{"key":"e_1_3_1_61_2","doi-asserted-by":"crossref","unstructured":"Dmitry Evtyushkin Ryan Riley Nael C. S. E. Abu-Ghazaleh E. C. E. and Dmitry Ponomarev. 2018. BranchScope: A new side-channel attack on directional branch predictor. In International Conference on Architecture Support for Operating Systems and Programming Languages (ASPLOS\u201918) .","DOI":"10.1145\/3173162.3173204"},{"key":"e_1_3_1_62_2","first-page":"1","volume-title":"ACM\/IEEE 45th Annual International Symposium on Computer Architecture (ISCA)","author":"Fowers Jeremy","year":"2018","unstructured":"Jeremy Fowers, Kalin Ovtcharov, Michael Papamichael, Todd Massengill, Ming Liu, Daniel Lo, Shlomi Alkalay, Michael Haselman, Logan Adams, Mahdi Ghandi, Stephen Heil, Prerak Patel, Adam Sapek, Gabriel Weisz, Lisa Woods, Sitaram Lanka, Stephen K. Reinhardt, Adrian M. Caulfield, Eric S. Chung, and Doug Burger. 2018. A configurable cloud-scale DNN processor for real-time AI. In ACM\/IEEE 45th Annual International Symposium on Computer Architecture (ISCA). 1\u201314."},{"key":"e_1_3_1_63_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00022"},{"key":"e_1_3_1_64_2","volume-title":"IEEE Symposium on Security and Privacy","author":"Frigo Pietro","year":"2020","unstructured":"Pietro Frigo, Emanuele Vannacci, Hasan Hassan, Victor van der Veen, Onur Mutlu, Cristiano Giuffrida, Herbert Bos, and Kaveh Razavi. 2020. TRRespass: Exploiting the many sides of target row refresh. In IEEE Symposium on Security and Privacy. Retrieved from https:\/\/download.vusec.net\/papers\/trrespass_sp20.pdfSlides."},{"key":"e_1_3_1_65_2","doi-asserted-by":"publisher","DOI":"10.1145\/3195970.3196042"},{"key":"e_1_3_1_66_2","first-page":"1080","article-title":"How does strict parallelism affect security? A case study on the side-channel attacks against GPU-based bitsliced AES implementation","volume":"2018","author":"Gao Yiwen","year":"2018","unstructured":"Yiwen Gao, Yongbin Zhou, and Wei Cheng. 2018. How does strict parallelism affect security? A case study on the side-channel attacks against GPU-based bitsliced AES implementation. IACR Cryptol. ePrint Arch. 2018 (2018), 1080.","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"e_1_3_1_67_2","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-016-0141-6"},{"key":"e_1_3_1_68_2","doi-asserted-by":"publisher","DOI":"10.1145\/3196494.3196518"},{"key":"e_1_3_1_69_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00070"},{"key":"e_1_3_1_70_2","doi-asserted-by":"publisher","DOI":"10.1145\/3400302.3415695"},{"key":"e_1_3_1_71_2","doi-asserted-by":"publisher","DOI":"10.1109\/HOST49136.2021.9702277"},{"key":"e_1_3_1_72_2","doi-asserted-by":"publisher","DOI":"10.23919\/DATE48585.2020.9116481"},{"key":"e_1_3_1_73_2","first-page":"1394","article-title":"Voltage-based covert channels in multi-tenant FPGAs","volume":"2019","author":"Gnad Dennis R. E.","year":"2019","unstructured":"Dennis R. E. Gnad, Cong Dang Khoa Nguyen, Syed Hashim Gillani, and Mehdi Tahoori. 2019. Voltage-based covert channels in multi-tenant FPGAs. IACR Cryptol. ePrint Arch. 2019 (2019), 1394.","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"e_1_3_1_74_2","article-title":"Explaining and harnessing adversarial examples","volume":"1412","author":"Goodfellow Ian","year":"2015","unstructured":"Ian Goodfellow, Jonathon Shlens, and Christian Szegedy. 2015. Explaining and harnessing adversarial examples. CoRR abs\/1412.6572 (2015).","journal-title":"CoRR"},{"key":"e_1_3_1_75_2","unstructured":"Google Cloud. 2020. Cloud Tensor Processing Units (TPUs). Retrieved from https:\/\/cloud.google.com\/tpu\/docs\/tpus."},{"key":"e_1_3_1_76_2","unstructured":"Google Cloud Platform. 2019. Cloud GPUs. Retrieved from https:\/\/cloud.google.com\/gpu\/."},{"key":"e_1_3_1_77_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-42068-0_7"},{"key":"e_1_3_1_78_2","volume-title":"European Symposium on Research in Computer Security","author":"Gruss Daniel","year":"2015","unstructured":"Daniel Gruss, David Bidner, and Stefan Mangard. 2015. Practical memory deduplication attacks in sandboxed JavaScript. In European Symposium on Research in Computer Security."},{"key":"e_1_3_1_79_2","first-page":"245","volume-title":"IEEE Symposium on Security and Privacy (SP)","author":"Gruss Daniel","year":"2018","unstructured":"Daniel Gruss, Moritz Lipp, Michael Schwarz, Daniel Genkin, Jonas Juffinger, Sioli O\u2019Connell, Wolfgang Schoechl, and Yuval Yarom. 2018. Another flip in the wall of Rowhammer defenses. In IEEE Symposium on Security and Privacy (SP). IEEE, 245\u2013261."},{"key":"e_1_3_1_80_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-40667-1_15"},{"key":"e_1_3_1_81_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-40667-1_14"},{"key":"e_1_3_1_82_2","doi-asserted-by":"publisher","DOI":"10.1145\/3445814.3446747"},{"key":"e_1_3_1_83_2","first-page":"1","volume-title":"49th Annual IEEE\/ACM International Symposium on Microarchitecture (MICRO)","author":"Ham Tae Jun","year":"2016","unstructured":"Tae Jun Ham, Lisa Wu, Narayanan Sundaram, Nadathur Satish, and Margaret Martonosi. 2016. Graphicionado: A high-performance and energy-efficient accelerator for graph analytics. In 49th Annual IEEE\/ACM International Symposium on Microarchitecture (MICRO). IEEE, 1\u201313."},{"key":"e_1_3_1_84_2","doi-asserted-by":"publisher","DOI":"10.1145\/1815961.1815968"},{"key":"e_1_3_1_85_2","volume-title":"Computer Architecture: A Quantitative Approach","author":"Hennessy John L.","year":"2011","unstructured":"John L. Hennessy and David A. Patterson. 2011. Computer Architecture: A Quantitative Approach. Elsevier."},{"key":"e_1_3_1_86_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA.2014.6853228"},{"key":"e_1_3_1_87_2","doi-asserted-by":"publisher","DOI":"10.1145\/2228360.2228448"},{"key":"e_1_3_1_88_2","doi-asserted-by":"publisher","DOI":"10.1145\/3373376.3378460"},{"key":"e_1_3_1_89_2","unstructured":"Jennifer Huffstetler. 2018. Intel processors and FPGAs\u2014Better together. Retrieved from https:\/\/itpeernetwork.intel.com\/intel-processors-fpga-better-together\/."},{"key":"e_1_3_1_90_2","first-page":"817","volume-title":"17th USENIX Symposium on Networked Systems Design and Implementation (NSDI\u201920)","author":"Hunt Tyler","year":"2020","unstructured":"Tyler Hunt, Zhipeng Jia, Vance Miller, Ariel Szekely, Yige Hu, Christopher J. Rossbach, and Emmett Witchel. 2020. Telekine: Secure computing with cloud GPUs. In 17th USENIX Symposium on Networked Systems Design and Implementation (NSDI\u201920). USENIX Association, 817\u2013833. Retrieved from https:\/\/www.usenix.org\/conference\/nsdi20\/presentation\/hunt."},{"key":"e_1_3_1_91_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.42"},{"key":"e_1_3_1_92_2","doi-asserted-by":"publisher","DOI":"10.1109\/DFT.2016.7684086"},{"key":"e_1_3_1_93_2","volume-title":"International Symposium on Microarchitecture (MICRO)","author":"Jaleel Aamer","year":"2010","unstructured":"Aamer Jaleel, Eric Borch, Malini Bhandaru, Simon C. Steely Jr., and Joel Emer. 2010. Achieving non-inclusive cache performance with inclusive caches\u2014temporal locality aware (TLA) cache management policies. In International Symposium on Microarchitecture (MICRO)."},{"key":"e_1_3_1_94_2","doi-asserted-by":"publisher","DOI":"10.1145\/3297858.3304021"},{"key":"e_1_3_1_95_2","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2016.7446081"},{"key":"e_1_3_1_96_2","doi-asserted-by":"publisher","DOI":"10.1145\/3060403.3060462"},{"key":"e_1_3_1_97_2","volume-title":"IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN)","author":"Zhangy Zhe Zhou, Zhou Liy, Junyi Wei, Yicheng","year":"2020","unstructured":"Zhe Zhou, Zhou Liy, Junyi Wei, Yicheng Zhangy, and Mohammad Abdullah Al Faruque. 2020. Leaky DNN: Stealing deep-learning model secret with GPU context-switching side-channel. In IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN)."},{"key":"e_1_3_1_98_2","volume-title":"International Symposium on High Performance Computer Architecture (HPCA)","author":"Kadam Gurunath","year":"2018","unstructured":"Gurunath Kadam, Danfeng Zhang, and Adwait Jog. 2018. RCoal: Mitigating GPU timing attack via subwarp-based randomized coalescing techniques. In International Symposium on High Performance Computer Architecture (HPCA). Retrieved from http:\/\/adwaitjog.github.io\/docs\/pdf\/rcoal-hpca18.pdf."},{"key":"e_1_3_1_99_2","doi-asserted-by":"crossref","first-page":"570","DOI":"10.1109\/HPCA47549.2020.00053","volume-title":"IEEE International Symposium on High Performance Computer Architecture (HPCA)","author":"Kadam Gurunath","year":"2020","unstructured":"Gurunath Kadam, Danfeng Zhang, and Adwait Jog. 2020. BCoal: Bucketing-based memory coalescing for efficient and secure GPUs. In IEEE International Symposium on High Performance Computer Architecture (HPCA). 570\u2013581."},{"key":"e_1_3_1_100_2","unstructured":"Tejas Karmarkar. 2021. Availability of Linux RDMA on Microsoft Azure. Retrieved from https:\/\/azure.microsoft.com\/en-us\/blog\/azure-linux-rdma-hpc-available\/."},{"key":"e_1_3_1_101_2","doi-asserted-by":"publisher","DOI":"10.1145\/2897937.2897962"},{"key":"e_1_3_1_102_2","volume-title":"International Symposium on Microarchitecture (MICRO)","author":"Kazdagli Mikhail","year":"2016","unstructured":"Mikhail Kazdagli, Vijay Janapa Reddi, and Mohit Tiwari. 2016. Quantifying and improving the efficiency of hardware-based mobile malware detectors. In International Symposium on Microarchitecture (MICRO)."},{"key":"e_1_3_1_103_2","first-page":"1445","volume-title":"29th USENIX Security Symposium (USENIX Security\u201920)","author":"Kenjar Zijo","year":"2020","unstructured":"Zijo Kenjar, Tommaso Frassetto, David Gens, Michael Franz, and Ahmad-Reza Sadeghi. 2020. V0LTpwn: Attacking x86 processor integrity from software. In 29th USENIX Security Symposium (USENIX Security\u201920). USENIX Association, 1445\u20131461. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/kenjar."},{"key":"e_1_3_1_104_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICCD.2018.00021"},{"key":"e_1_3_1_105_2","doi-asserted-by":"publisher","DOI":"10.1145\/3214292.3214302"},{"key":"e_1_3_1_106_2","doi-asserted-by":"publisher","DOI":"10.1109\/LCA.2018.2860006"},{"key":"e_1_3_1_107_2","unstructured":"Khronos. 2016. WebGL timer. (2016). Retrieved from https:\/\/www.khronos.org\/registry\/webgl\/extensions\/EXT_disjoint_timer_query\/."},{"key":"e_1_3_1_108_2","first-page":"1","volume-title":"IEEE Hot Chips 26 Symposium (HCS)","author":"Kim Joonyoung","year":"2014","unstructured":"Joonyoung Kim and Younsu Kim. 2014. HBM: Memory solution for bandwidth-hungry processors. In IEEE Hot Chips 26 Symposium (HCS). IEEE, 1\u201324."},{"key":"e_1_3_1_109_2","first-page":"361","volume-title":"ACM\/IEEE 41st International Symposium on Computer Architecture (ISCA)","author":"Kim Yoongu","year":"2014","unstructured":"Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji Hye Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, and Onur Mutlu. 2014. Flipping bits in memory without accessing them: An experimental study of DRAM disturbance errors. In ACM\/IEEE 41st International Symposium on Computer Architecture (ISCA). 361\u2013372."},{"key":"e_1_3_1_110_2","volume-title":"40th IEEE Symposium on Security and Privacy (S&P\u201919)","author":"Kocher Paul","year":"2019","unstructured":"Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. 2019. Spectre attacks: Exploiting speculative execution. In 40th IEEE Symposium on Security and Privacy (S&P\u201919)."},{"key":"e_1_3_1_111_2","first-page":"463","volume-title":"25th USENIX Security Symposium (USENIX Security\u201916)","author":"Kohlbrenner David","year":"2016","unstructured":"David Kohlbrenner and Hovav Shacham. 2016. Trusted browsers for uncertain times. In 25th USENIX Security Symposium (USENIX Security\u201916). USENIX Association, 463\u2013480. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/kohlbrenner."},{"key":"e_1_3_1_112_2","volume-title":"12th USENIX Workshop on Offensive Technologies (WOOT\u201918)","author":"Koruyeh Esmaeil Mohammadian","year":"2018","unstructured":"Esmaeil Mohammadian Koruyeh, Khaled N. Khasawneh, Chengyu Song, and Nael Abu-Ghazaleh. 2018. Spectre returns! Speculation attacks using the return stack buffer. In 12th USENIX Workshop on Offensive Technologies (WOOT\u201918)."},{"key":"e_1_3_1_113_2","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2018.i3.44-68"},{"key":"e_1_3_1_114_2","doi-asserted-by":"publisher","DOI":"10.1145\/2749469.2750421"},{"key":"e_1_3_1_115_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00082"},{"key":"e_1_3_1_116_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISPASS.2013.6557176"},{"key":"e_1_3_1_117_2","unstructured":"J.-B. Lee. 2014. Green Memory Solution. In Samsung Electronics Investor\u2019s Forum. Retrieved from http:\/\/aod.teletogether.com\/sec\/20140519\/SAMSUNG_Investors_Forum_2014_session_1.pdf"},{"key":"e_1_3_1_118_2","doi-asserted-by":"publisher","DOI":"10.1145\/3300053.3319415"},{"key":"e_1_3_1_119_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00063"},{"key":"e_1_3_1_120_2","volume-title":"27th USENIX Security Symposium (USENIX Security\u201918)","author":"Lipp Moritz","year":"2018","unstructured":"Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 2018. Meltdown: Reading kernel memory from user space. In 27th USENIX Security Symposium (USENIX Security\u201918)."},{"key":"e_1_3_1_121_2","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSPW51379.2020.00102"},{"key":"e_1_3_1_122_2","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2016.7446082"},{"key":"e_1_3_1_123_2","volume-title":"International Symposium on Microarchitecture (MICRO)","author":"Liu Fangfei","year":"2014","unstructured":"Fangfei Liu and Ruby B. Lee. 2014. Random fill cache architecture. In International Symposium on Microarchitecture (MICRO)."},{"key":"e_1_3_1_124_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.43"},{"key":"e_1_3_1_125_2","first-page":"156","volume-title":"IEEE Security and Privacy Workshops (SPW)","author":"Liu Sihang","year":"2019","unstructured":"Sihang Liu, Yizhou Wei, Jianfeng Chi, Faysal H. Shezan, and Yuan Tian. 2019. Side channel attacks in computation offloading systems with GPU virtualization. In IEEE Security and Privacy Workshops (SPW). 156\u2013161."},{"key":"e_1_3_1_126_2","doi-asserted-by":"publisher","DOI":"10.1145\/3352460.3358262"},{"key":"e_1_3_1_127_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICCAD.2017.8203770"},{"key":"e_1_3_1_128_2","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2018.i3.573-595"},{"key":"e_1_3_1_129_2","doi-asserted-by":"publisher","DOI":"10.1145\/3341729"},{"key":"e_1_3_1_130_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICCD.2015.7357115"},{"key":"e_1_3_1_131_2","doi-asserted-by":"publisher","DOI":"10.23919\/DATE54114.2022.9774663"},{"key":"e_1_3_1_132_2","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243761"},{"key":"e_1_3_1_133_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA.2012.6237011"},{"key":"e_1_3_1_134_2","doi-asserted-by":"publisher","DOI":"10.1145\/2487726.2488368"},{"key":"e_1_3_1_135_2","volume-title":"GPU Computing Gems (1st. ed.)","author":"Hwu Wen Mei","year":"2011","unstructured":"Wen Mei Hwu. 2011. GPU Computing Gems (1st. ed.). Elsevier."},{"key":"e_1_3_1_136_2","unstructured":"Micron. 2016. DDR4 SDRAM Datasheet. Retrieved from https:\/\/www.micron.com\/-\/media\/client\/global\/documents\/products\/data-sheet\/dram\/ddr4\/16gb_ddr4_sdram.pdf."},{"key":"e_1_3_1_137_2","unstructured":"Microsoft Azure. 2019. GPU-Accelerated Microsoft Azure. Retrieved from http:\/\/www.nvidia.com\/object\/gpu-accelerated-microsoft-azure.html."},{"key":"e_1_3_1_138_2","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046722"},{"key":"e_1_3_1_139_2","unstructured":"Mozilla. 2020. WebGL timer extension. Retrieved from https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/EXT_disjoint_timer_query."},{"key":"e_1_3_1_140_2","volume-title":"41st IEEE Symposium on Security and Privacy (S&P\u201920)","author":"Murdock Kit","year":"2020","unstructured":"Kit Murdock, David Oswald, Flavio D. Garcia, Jo Van Bulck, Daniel Gruss, and Frank Piessens. 2020. Plundervolt: Software-based fault injection attacks against Intel SGX. In 41st IEEE Symposium on Security and Privacy (S&P\u201920)."},{"key":"e_1_3_1_141_2","unstructured":"Onur Mutlu Saugata Ghose Juan G\u00f3mez-Luna and Rachata Ausavarungnirun. 2020. A Modern Primer on Processing in Memory. arxiv:cs.AR\/2012.03112."},{"key":"e_1_3_1_142_2","volume-title":"International Symposium on Microarchitecture (MICRO)","author":"Naghibijouybari Hoda","year":"2017","unstructured":"Hoda Naghibijouybari, Khaled Khasawneh, and Nael Abu-Ghazaleh. 2017. Constructing and characterizing covert channels on GPGPUs. In International Symposium on Microarchitecture (MICRO)."},{"key":"e_1_3_1_143_2","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243831"},{"key":"e_1_3_1_144_2","doi-asserted-by":"publisher","DOI":"10.1145\/3433210.3453077"},{"key":"e_1_3_1_145_2","first-page":"608","article-title":"Domain-specific accelerators for ideal lattice-based public key protocols","volume":"2018","author":"Nejatollahi Hamid","year":"2018","unstructured":"Hamid Nejatollahi, Nikil D. Dutt, Indranil Banerjee, and Rosario Cammarota. 2018. Domain-specific accelerators for ideal lattice-based public key protocols. IACR Cryptol. ePrint Arch. 2018 (2018), 608.","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"e_1_3_1_146_2","unstructured":"NVIDIA. 2020. NVLink and NVSwitch. Retrieved from https:\/\/www.nvidia.com\/en-us\/data-center\/nvlink\/."},{"key":"e_1_3_1_147_2","unstructured":"Nvidia. 2022. Nvidia Multi-Instance GPU. Retrieved from https:\/\/www.nvidia.com\/en-us\/technologies\/multi-instance-gpu\/."},{"key":"e_1_3_1_148_2","doi-asserted-by":"publisher","DOI":"10.1145\/2830772.2830819"},{"key":"e_1_3_1_149_2","doi-asserted-by":"publisher","DOI":"10.1109\/LCA.2015.2445337"},{"key":"e_1_3_1_150_2","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813708"},{"key":"e_1_3_1_151_2","volume-title":"International Symposium on High Performance Computer Architecture (HPCA)","author":"Ozsoy Meltem","year":"2015","unstructured":"Meltem Ozsoy, Caleb Donovick, Iakov Gorelik, Nael Abu-Ghazaleh, and Dmitry Ponomarev. 2015. Malware-aware processors: A framework for efficient online malware detection. In International Symposium on High Performance Computer Architecture (HPCA)."},{"key":"e_1_3_1_152_2","volume-title":"30th USENIX Security Symposium (USENIX Security\u201921)","author":"Paccagnella Riccardo","year":"2021","unstructured":"Riccardo Paccagnella, Licheng Luo, and Christopher W. Fletcher. 2021. Lord of the ring(s): Side channel attacks on the CPU on-chip ring interconnect are practical. In 30th USENIX Security Symposium (USENIX Security\u201921). USENIX Association. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/paccagnella."},{"key":"e_1_3_1_153_2","volume-title":"Crypt. ePrint Arch.","author":"Page Dan","year":"2005","unstructured":"Dan Page. 2005. Partitioned cache architecture as a side-channel defense mechanism. In Crypt. ePrint Arch. Retrieved from https:\/\/eprint.iacr.org\/2005\/280."},{"key":"e_1_3_1_154_2","unstructured":"Neil Parris. 2021. Exploring how Cache Coherency Accelerates Heterogeneous Compute. Retrieved from https:\/\/www.computer.org\/publications\/tech-news\/heterogeneous-system-architecture\/exploring-how-cache-coherency-accelerates-heterogeneous-compute."},{"key":"e_1_3_1_155_2","first-page":"1","volume-title":"IEEE Hot Chips Symposium (HCS)","author":"Pawlowski J. Thomas","year":"2011","unstructured":"J. Thomas Pawlowski. 2011. Hybrid memory cube (HMC). In IEEE Hot Chips Symposium (HCS). IEEE, 1\u201324."},{"key":"e_1_3_1_156_2","volume-title":"BSDCan","author":"Percival Colin","year":"2005","unstructured":"Colin Percival. 2005. Cache missing for fun and profit. In BSDCan."},{"key":"e_1_3_1_157_2","first-page":"565","volume-title":"25th USENIX Security Symposium (USENIX Security\u201916)","author":"Pessl Peter","year":"2016","unstructured":"Peter Pessl, Daniel Gruss, Cl\u00e9mentine Maurice, Michael Schwarz, and Stefan Mangard. 2016. DRAMA: Exploiting DRAM addressing for Cross-CPU attacks. In 25th USENIX Security Symposium (USENIX Security\u201916). USENIX Association, 565\u2013581. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/pessl."},{"key":"e_1_3_1_158_2","volume-title":"arXiv","author":"Bielova Benoit Baudry, Gildas Avoine, Pierre Laperdrix, and Nataliia","year":"2019","unstructured":"Benoit Baudry, Gildas Avoine, Pierre Laperdrix, and Nataliia Bielova. 2019. Browser fingerprinting: A survey. In arXiv. arXiv:1905.01051."},{"key":"e_1_3_1_159_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00011"},{"key":"e_1_3_1_160_2","doi-asserted-by":"publisher","DOI":"10.1145\/2735841"},{"key":"e_1_3_1_161_2","doi-asserted-by":"publisher","DOI":"10.1109\/AsianHOST47458.2019.9006701"},{"key":"e_1_3_1_162_2","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2018.00068"},{"key":"e_1_3_1_163_2","volume-title":"International Symposium on Microarchitecture (MICRO)","author":"Qureshi Moinuddin K.","year":"2006","unstructured":"Moinuddin K. Qureshi and Yale N. Patt. 2006. Utility-based partitioning: A low-overhead, high-performance, runtime mechanism to partition shared caches. In International Symposium on Microarchitecture (MICRO)."},{"key":"e_1_3_1_164_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00020"},{"key":"e_1_3_1_165_2","doi-asserted-by":"crossref","first-page":"908","DOI":"10.1109\/MICRO50266.2020.00078","volume-title":"53rd Annual IEEE\/ACM International Symposium on Microarchitecture (MICRO)","author":"Rahman Shafiur","year":"2020","unstructured":"Shafiur Rahman, Nael Abu-Ghazaleh, and Rajiv Gupta. 2020. GraphPulse: An event-driven hardware accelerator for asynchronous graph processing. In 53rd Annual IEEE\/ACM International Symposium on Microarchitecture (MICRO). IEEE, 908\u2013921."},{"key":"e_1_3_1_166_2","first-page":"1919","volume-title":"30th USENIX Security Symposium (USENIX Security\u201921)","author":"Rakin Adnan Siraj","year":"2021","unstructured":"Adnan Siraj Rakin, Yukui Luo, Xiaolin Xu, and Deliang Fan. 2021. Deep-Dup: An adversarial weight duplication attack framework to crush deep neural network in multi-tenant FPGA. In 30th USENIX Security Symposium (USENIX Security\u201921). USENIX Association, 1919\u20131936. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/rakin."},{"key":"e_1_3_1_167_2","doi-asserted-by":"publisher","DOI":"10.1109\/FCCM.2018.00016"},{"key":"e_1_3_1_168_2","first-page":"1","volume-title":"25th USENIX Security Symposium (USENIX Security\u201916)","author":"Razavi Kaveh","year":"2016","unstructured":"Kaveh Razavi, Ben Gras, Erik Bosman, Bart Preneel, Cristiano Giuffrida, and Herbert Bos. 2016. Flip feng shui: Hammering a needle in the software stack. In 25th USENIX Security Symposium (USENIX Security\u201916). 1\u201318."},{"key":"e_1_3_1_169_2","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653687"},{"key":"e_1_3_1_170_2","doi-asserted-by":"publisher","DOI":"10.1109\/DAC18072.2020.9218690"},{"key":"e_1_3_1_171_2","first-page":"1379","volume-title":"30th USENIX Security Symposium (USENIX Security\u201921)","author":"Saileshwar Gururaj","year":"2021","unstructured":"Gururaj Saileshwar and Moinuddin Qureshi. 2021. MIRAGE: Mitigating conflict-based cache attacks with a practical fully-associative design. In 30th USENIX Security Symposium (USENIX Security\u201921). USENIX Association, 1379\u20131396. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/saileshwar."},{"key":"e_1_3_1_172_2","article-title":"HASI: Hardware-accelerated stochastic inference, a defense against adversarial machine learning attacks","volume":"2106","author":"Samavatian Mohammad Hossein","year":"2021","unstructured":"Mohammad Hossein Samavatian, Saikat Majumdar, Kristin Barber, and R. Teodorescu. 2021. HASI: Hardware-accelerated stochastic inference, a defense against adversarial machine learning attacks. ArXiv abs\/2106.05825 (2021).","journal-title":"ArXiv"},{"key":"e_1_3_1_173_2","doi-asserted-by":"publisher","DOI":"10.1109\/GCCE.2013.6664775"},{"key":"e_1_3_1_174_2","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3354252"},{"key":"e_1_3_1_175_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-70972-7_13"},{"key":"e_1_3_1_176_2","doi-asserted-by":"publisher","DOI":"10.1126\/science.246.4936.1400"},{"key":"e_1_3_1_177_2","unstructured":"Amazon Web Services. 2021. Amazon EC2 F1 instances. Retrieved from https:\/\/aws.amazon.com\/ec2\/instance-types\/f1\/."},{"key":"e_1_3_1_178_2","volume-title":"International Symposium on Microarchitecture (MICRO)","author":"Shafiee Ali","year":"2015","unstructured":"Ali Shafiee, Akhila Gundu, Manjunath Shevgoor, Rajeev Balasubramonian, and Mohit Tiwari. 2015. Avoiding information leakage in the memory controller with fixed service policies. In International Symposium on Microarchitecture (MICRO)."},{"key":"e_1_3_1_179_2","doi-asserted-by":"publisher","DOI":"10.1145\/3007787.3001139"},{"key":"e_1_3_1_180_2","first-page":"69","volume-title":"13th USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201918)","author":"Shan Yizhou","year":"2018","unstructured":"Yizhou Shan, Yutong Huang, Yilun Chen, and Yiying Zhang. 2018. LegoOS: A disseminated, distributed OS for hardware resource disaggregation. In 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI\u201918). USENIX Association, 69\u201387. Retrieved from https:\/\/www.usenix.org\/conference\/osdi18\/presentation\/shan."},{"key":"e_1_3_1_181_2","first-page":"2863","volume-title":"30th USENIX Security Symposium (USENIX Security\u201921)","author":"Shusterman Anatoly","year":"2021","unstructured":"Anatoly Shusterman, Ayush Agarwal, Sioli O\u2019Connell, Daniel Genkin, Yossi Oren, and Yuval Yarom. 2021. Prime+Probe 1, JavaScript 0: Overcoming browser-based side-channel defenses. In 30th USENIX Security Symposium (USENIX Security\u201921). USENIX Association, 2863\u20132880. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/shusterman."},{"key":"e_1_3_1_182_2","first-page":"639","volume-title":"28th USENIX Security Symposium (USENIX Security\u201919)","author":"Shusterman Anatoly","year":"2019","unstructured":"Anatoly Shusterman, Lachlan Kang, Yarden Haskal, Yosef Meltser, Prateek Mittal, Yossi Oren, and Yuval Yarom. 2019. Robust website fingerprinting through the cache occupancy channel. In 28th USENIX Security Symposium (USENIX Security\u201919). USENIX Association, 639\u2013656. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/shusterman."},{"key":"e_1_3_1_183_2","doi-asserted-by":"publisher","DOI":"10.1007\/s41635-018-0039-0"},{"key":"e_1_3_1_184_2","unstructured":"Paul Stone. 2013. Pixel Perfect Timing Attacks with HTML5. Retrieved from https:\/\/www.contextis.com\/media\/downloads\/Pixel_Perfect_Timing_Attacks_with_HTML5_Whitepaper.pdf."},{"key":"e_1_3_1_185_2","doi-asserted-by":"publisher","DOI":"10.1007\/s41635-018-0046-1"},{"key":"e_1_3_1_186_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00059"},{"key":"e_1_3_1_187_2","first-page":"1057","volume-title":"26th USENIX Security Symposium (USENIX Security\u201917)","author":"Tang Adrian","year":"2017","unstructured":"Adrian Tang, Simha Sethumadhavan, and Salvatore Stolfo. 2017. CLKSCREW: Exposing the perils of security-oblivious energy management. In 26th USENIX Security Symposium (USENIX Security\u201917). USENIX Association, 1057\u20131074. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/tang."},{"key":"e_1_3_1_188_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISCA45697.2020.00065"},{"key":"e_1_3_1_189_2","first-page":"213","volume-title":"Annual Technical Conference (USENIX\u201918)","author":"Tatar Andrei","year":"2018","unstructured":"Andrei Tatar, Radhesh Krishnan Konoth, Elias Athanasopoulos, Cristiano Giuffrida, Herbert Bos, and Kaveh Razavi. 2018. Throwhammer: Rowhammer attacks over the network and defenses. In Annual Technical Conference (USENIX\u201918). USENIX Association, 213\u2013226. Retrieved from https:\/\/www.usenix.org\/conference\/atc18\/presentation\/tatar."},{"key":"e_1_3_1_190_2","doi-asserted-by":"publisher","DOI":"10.1109\/MDT.2010.7"},{"key":"e_1_3_1_191_2","unstructured":"Adam Thompson and C. J. Newburn. 2021. GPUDirect Storage: A Direct Path Between Storage and GPU Memory. Retrieved from https:\/\/developer.nvidia.com\/blog\/gpudirect-storage\/."},{"key":"e_1_3_1_192_2","doi-asserted-by":"publisher","DOI":"10.1109\/FCCM51124.2021.00035"},{"key":"e_1_3_1_193_2","doi-asserted-by":"publisher","DOI":"10.1145\/3289602.3293920"},{"key":"e_1_3_1_194_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2022.24093"},{"key":"e_1_3_1_195_2","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2014.2331672"},{"key":"e_1_3_1_196_2","article-title":"MeltdownPrime and SpectrePrime: Automatically-synthesized attacks exploiting invalidation-based coherence protocols","volume":"1802","author":"Trippel Caroline","year":"2018","unstructured":"Caroline Trippel, Daniel Lustig, and Margaret Martonosi. 2018. MeltdownPrime and SpectrePrime: Automatically-synthesized attacks exploiting invalidation-based coherence protocols. CoRR abs\/1802.03802 (2018).","journal-title":"CoRR"},{"key":"e_1_3_1_197_2","first-page":"693","volume-title":"28th USENIX Security Symposium (USENIX Security\u201919)","author":"Tsai Shin-Yeh","year":"2019","unstructured":"Shin-Yeh Tsai, Mathias Payer, and Yiying Zhang. 2019. Pythia: Remote oracles for the masses. In 28th USENIX Security Symposium (USENIX Security\u201919). USENIX Association, 693\u2013710. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/tsai."},{"key":"e_1_3_1_198_2","doi-asserted-by":"publisher","DOI":"10.1145\/3173162.3173193"},{"key":"e_1_3_1_199_2","doi-asserted-by":"publisher","DOI":"10.1145\/3419100"},{"key":"e_1_3_1_200_2","volume-title":"14th USENIX Workshop on Offensive Technologies","author":"Ustiugov Dmitrii","year":"2020","unstructured":"Dmitrii Ustiugov, Plamen Petrov, M. R. Siavash Katebzadeh, and Boris Grot. 2020. Bankrupt covert channel: Turning network predictability into vulnerability. In 14th USENIX Workshop on Offensive Technologies. USENIX Association. Retrieved from https:\/\/www.usenix.org\/conference\/woot20\/presentation\/ustiugov."},{"key":"e_1_3_1_201_2","doi-asserted-by":"publisher","DOI":"10.1109\/FPL.2018.00031"},{"key":"e_1_3_1_202_2","volume-title":"27th USENIX Security Symposium","author":"Bulck Jo Van","year":"2018","unstructured":"Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the keys to the Intel SGX kingdom with transient out-of-order execution. In 27th USENIX Security Symposium. USENIX Association."},{"key":"e_1_3_1_203_2","first-page":"1675","volume-title":"ACM SIGSAC Conference on Computer and Communications Security","author":"Veen Victor Van Der","year":"2016","unstructured":"Victor Van Der Veen, Yanick Fratantonio, Martina Lindorfer, Daniel Gruss, Cl\u00e9mentine Maurice, Giovanni Vigna, Herbert Bos, Kaveh Razavi, and Cristiano Giuffrida. 2016. Drammer: Deterministic Rowhammer attacks on mobile platforms. In ACM SIGSAC Conference on Computer and Communications Security. 1675\u20131689."},{"key":"e_1_3_1_204_2","volume-title":"IEEE Symposium on Security and Privacy","author":"Schaik Stephan van","year":"2019","unstructured":"Stephan van Schaik, Alyssa Milburn, Sebastian \u00d6sterlund, Pietro Frigo, Giorgi Maisuradze, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. 2019. RIDL: Rogue in-flight data load. In IEEE Symposium on Security and Privacy."},{"key":"e_1_3_1_205_2","doi-asserted-by":"publisher","DOI":"10.1109\/FPL.2019.00034"},{"key":"e_1_3_1_206_2","first-page":"681","volume-title":"13th USENIX Symposium on Operating Systems Design and Implementation","author":"Volos Stavros","year":"2018","unstructured":"Stavros Volos, Kapil Vaswani, and Rodrigo Bruno. 2018. Graviton: Trusted execution environments on GPUs. In 13th USENIX Symposium on Operating Systems Design and Implementation. USENIX Association, 681\u2013696. Retrieved from https:\/\/www.usenix.org\/conference\/osdi18\/presentation\/volos."},{"key":"e_1_3_1_207_2","article-title":"Volcano: Stateless cache side-channel attack by exploiting mesh interconnect","volume":"2103","author":"Wan Junpeng","year":"2021","unstructured":"Junpeng Wan, Yanxiang Bi, Zhe Zhou, and Zhou Li. 2021. Volcano: Stateless cache side-channel attack by exploiting mesh interconnect. ArXiv abs\/2103.04533 (2021).","journal-title":"ArXiv"},{"key":"e_1_3_1_208_2","doi-asserted-by":"publisher","DOI":"10.1145\/3373376.3378532"},{"key":"e_1_3_1_209_2","doi-asserted-by":"publisher","DOI":"10.1145\/3337167.3337169"},{"key":"e_1_3_1_210_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-31239-8_11"},{"key":"e_1_3_1_211_2","volume-title":"International Symposium on High Performance Computer Architecture (HPCA)","author":"Wang Yao","year":"2014","unstructured":"Yao Wang and G. Edward Suh. 2014. Timing channel protection for a shared memory controller. In International Symposium on High Performance Computer Architecture (HPCA)."},{"key":"e_1_3_1_212_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.20"},{"key":"e_1_3_1_213_2","volume-title":"International Symposium on Microarchitecture (MICRO)","author":"Wang Zhenghong","year":"2008","unstructured":"Zhenghong Wang and Ruby B. Lee. 2008. A novel cache architecture with enhanced performance and security. In International Symposium on Microarchitecture (MICRO)."},{"key":"e_1_3_1_214_2","article-title":"Foreshadow-NG: Breaking the Virtual Memory Abstraction with Transient Out-of-order Execution","author":"Weisse Ofir","year":"2018","unstructured":"Ofir Weisse, Jo Van Bulck, Marina Minkin, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Raoul Strackx, Thomas F. Wenisch, and Yuval Yarom. 2018. Foreshadow-NG: Breaking the Virtual Memory Abstraction with Transient Out-of-order Execution. Technical Report. Lirias, KU Leuven.","journal-title":"Technical Report"},{"key":"e_1_3_1_215_2","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2020.i3.169-195"},{"key":"e_1_3_1_216_2","first-page":"675","volume-title":"28th USENIX Security Symposium (USENIX Security\u201919)","author":"Werner Mario","year":"2019","unstructured":"Mario Werner, Thomas Unterluggauer, Lukas Giner, Michael Schwarz, Daniel Gruss, and Stefan Mangard. 2019. ScatterCache: Thwarting cache attacks via cache set randomization. In 28th USENIX Security Symposium (USENIX Security\u201919). USENIX Association, 675\u2013692. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/werner."},{"key":"e_1_3_1_217_2","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2012.2190369"},{"key":"e_1_3_1_218_2","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2010.2070050"},{"key":"e_1_3_1_219_2","first-page":"1645","volume-title":"28th USENIX Security Symposium (USENIX Security\u201919)","author":"Wu Shujiang","year":"2019","unstructured":"Shujiang Wu, Song Li, Yinzhi Cao, and Ningfei Wang. 2019. Rendered private: Making GLSL execution uniform to prevent WebGL-based browser fingerprinting. In 28th USENIX Security Symposium (USENIX Security\u201919). USENIX Association, 1645\u20131660. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/wu."},{"key":"e_1_3_1_220_2","first-page":"19","volume-title":"25th USENIX Security Symposium (USENIX Security\u201916)","author":"Xiao Yuan","year":"2016","unstructured":"Yuan Xiao, Xiaokuan Zhang, Yinqian Zhang, and Radu Teodorescu. 2016. One bit flips, one cloud flops: Cross-VM row hammer attacks and privilege escalation. In 25th USENIX Security Symposium (USENIX Security\u201916). 19\u201335."},{"key":"e_1_3_1_221_2","doi-asserted-by":"publisher","DOI":"10.1109\/TCSI.2020.2983185"},{"key":"e_1_3_1_222_2","doi-asserted-by":"publisher","DOI":"10.1145\/3442479"},{"key":"e_1_3_1_223_2","doi-asserted-by":"publisher","DOI":"10.1145\/3330345.3330389"},{"key":"e_1_3_1_224_2","volume-title":"International Symposium on Microarchitecture (MICRO)","author":"Yan Mengjia","year":"2016","unstructured":"Mengjia Yan, Yasser Shalabi, and Josep Torrellas. 2016. ReplayConfusion: Detecting cache-based covert channel attacks using record and replay. In International Symposium on Microarchitecture (MICRO)."},{"key":"e_1_3_1_225_2","first-page":"888","article-title":"Attack directories, not caches: Side channel attacks in a non-inclusive world","author":"Yan Mengjia","year":"2019","unstructured":"Mengjia Yan, Read Sprabery, Bhargava Gopireddy, Christopher W. Fletcher, R. Campbell, and J. Torrellas. 2019. Attack directories, not caches: Side channel attacks in a non-inclusive world. In IEEE Symposium on Security and Privacy (SP) (2019), 888\u2013904.","journal-title":"I"},{"key":"e_1_3_1_226_2","volume-title":"International Symposium on High Performance Computer Architecture (HPCA)","author":"Yao Fan","year":"2018","unstructured":"Fan Yao, Milos Doroslovacki, and Guru Venkataramani. 2018. Are coherence protocol states vulnerable to information leakage? In International Symposium on High Performance Computer Architecture (HPCA)."},{"key":"e_1_3_1_227_2","first-page":"1463","volume-title":"29th USENIX Security Symposium (USENIX Security\u201920)","author":"Yao Fan","year":"2020","unstructured":"Fan Yao, Adnan Siraj Rakin, and Deliang Fan. 2020. DeepHammer: Depleting the intelligence of deep neural networks through targeted chain of bit flips. In 29th USENIX Security Symposium (USENIX Security\u201920). USENIX Association, 1463\u20131480. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/yao."},{"key":"e_1_3_1_228_2","doi-asserted-by":"publisher","DOI":"10.1145\/3173162.3173186"},{"key":"e_1_3_1_229_2","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243772"},{"key":"e_1_3_1_230_2","first-page":"719","volume-title":"23rd USENIX Security Symposium (USENIX Security\u201914)","author":"Yarom Yuval","year":"2014","unstructured":"Yuval Yarom and Katrina Falkner. 2014. FLUSH+RELOAD: A high resolution, low noise, L3 cache side-channel attack. In 23rd USENIX Security Symposium (USENIX Security\u201914). USENIX Association, 719\u2013732. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity14\/technical-sessions\/presentation\/yarom."},{"key":"e_1_3_1_231_2","doi-asserted-by":"publisher","DOI":"10.1145\/3240765.3240814"},{"key":"e_1_3_1_232_2","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813719"},{"key":"e_1_3_1_233_2","doi-asserted-by":"publisher","DOI":"10.1007\/s41635-018-0038-1"},{"key":"e_1_3_1_234_2","unstructured":"Boris Zbarsky. 2015. Reduce resolution of performance.now. Retrieved from https:\/\/hg.mozilla.org\/integration\/mozilla-inbound\/rev\/48ae8b5e62ab."},{"key":"e_1_3_1_235_2","article-title":"SoK: On the security challenges and risks of multi-tenant FPGAs in the cloud","volume":"2009","author":"Zeitouni Shaza","year":"2020","unstructured":"Shaza Zeitouni, Ghada Dessouky, and Ahmad-Reza Sadeghi. 2020. SoK: On the security challenges and risks of multi-tenant FPGAs in the cloud. CoRR abs\/2009.13914 (2020).","journal-title":"CoRR"},{"key":"e_1_3_1_236_2","first-page":"229","volume-title":"IEEE Symposium on Security and Privacy (SP)","author":"Zhao Mark","year":"2018","unstructured":"Mark Zhao and G. Edward Suh. 2018. FPGA-based remote power side-channel attacks. In IEEE Symposium on Security and Privacy (SP). 229\u2013244."},{"key":"e_1_3_1_237_2","first-page":"1973","volume-title":"30th USENIX Security Symposium (USENIX Security\u201921)","author":"Zhu Yuankun","year":"2021","unstructured":"Yuankun Zhu, Yueqiang Cheng, Husheng Zhou, and Yantao Lu. 2021. Hermes attack: Steal DNN models with lossless inference accuracy. In 30th USENIX Security Symposium (USENIX Security\u201921). USENIX Association, 1973\u20131988. Retrieved from https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/zhu."},{"key":"e_1_3_1_238_2","first-page":"253","volume-title":"IEEE International Symposium on Workload Characterization (IISWC)","author":"Zou Pengfei","year":"2019","unstructured":"Pengfei Zou, Ang Li, Kevin Barker, and Rong Ge. 2019. Fingerprinting anomalous computation with RNN for GPU-accelerated HPC machines. In IEEE International Symposium on Workload Characterization (IISWC). 253\u2013256."}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3544102","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3544102","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:46:19Z","timestamp":1750178779000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3544102"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,12,15]]},"references-count":237,"journal-issue":{"issue":"7","published-print":{"date-parts":[[2023,7,31]]}},"alternative-id":["10.1145\/3544102"],"URL":"https:\/\/doi.org\/10.1145\/3544102","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"value":"0360-0300","type":"print"},{"value":"1557-7341","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,12,15]]},"assertion":[{"value":"2021-07-26","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-05-29","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-12-15","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}