Side-Channel Attack
An attack that extracts a secret not by reading protected memory directly, but by observing a physical side effect of the victim’s execution: timings, cache state, power draw, electromagnetic emissions, acoustic noise, etc. The secret leaks through whichever shared resource the attacker can measure.
Why?
Access controls stop you from reading the victim’s memory. They don’t stop you from measuring how long things take, how full the cache looks, or how busy a shared execution unit is. If the victim’s behaviour on a shared resource depends on the secret, the attacker can reconstruct it without ever violating the memory-protection contract.
Two families relevant to ECE459:
- Cache Attack: probe cache state to learn which memory the victim touched. Used by Spectre / Meltdown as the exfiltration channel
- Hyperthreading Attack: watch shared execution hardware (ports, functional units, cache) from a sibling hyperthread on the same core