当前位置:
X-MOL 学术
›
ACM J. Emerg. Technol. Comput. Syst.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Victims Can Be Saviors
ACM Journal on Emerging Technologies in Computing Systems ( IF 2.1 ) Pub Date : 2021-01-29 , DOI: 10.1145/3439189 Manaar Alam 1 , Sarani Bhattacharya 1 , Debdeep Mukhopadhyay 1
ACM Journal on Emerging Technologies in Computing Systems ( IF 2.1 ) Pub Date : 2021-01-29 , DOI: 10.1145/3439189 Manaar Alam 1 , Sarani Bhattacharya 1 , Debdeep Mukhopadhyay 1
Affiliation
Micro-architectural side-channel attacks are major threats to the most mathematically sophisticated encryption algorithms. In spite of the fact that there exist several defense techniques, the overhead of implementing the countermeasures remains a matter of concern. A promising strategy is to develop online detection and prevention methods for these attacks. Though some recent studies have devised online prevention mechanisms for some categories of these attacks, still other classes remain undetected. Moreover, to detect these side-channel attacks with minimal False Positives is a challenging effort because of the similarity of their behavior with computationally intensive applications. This article presents a generalized machine learning--based multi-layer detection technique that targets these micro-architectural side-channel attacks, while not restricting its attention only on a single category of attacks. The proposed mechanism gathers low-level system information by profiling performance counter events using Linux perf tool and then applies machine learning techniques to analyze the data. A novel approach using time-series analysis of the data is implemented to find out the correlation of the execution trace of the attack process with the secret key of encryption, which helps in dealing with False-Positives and unknown attacks. This article also provides a detailed theoretical analysis of the detection mechanism of the proposed model along with its security analysis. The experimental results show that the proposed method is superior to the state-of-the-art reported techniques with high detection accuracy, low False Positives, and low implementation overhead while being able to detect before the completion of the attack.
中文翻译:
受害者可以成为救世主
微架构侧信道攻击是对数学上最复杂的加密算法的主要威胁。尽管存在多种防御技术,但实施对策的开销仍然是一个值得关注的问题。一个有前途的策略是为这些攻击开发在线检测和预防方法。尽管最近的一些研究已经为这些攻击的某些类别设计了在线预防机制,但仍有其他类别仍未被发现。此外,以最小的误报检测这些侧信道攻击是一项具有挑战性的工作,因为它们的行为与计算密集型应用程序的相似性。本文提出了一种基于广义机器学习的多层检测技术,针对这些微架构侧信道攻击,而不仅限于单一类别的攻击。所提出的机制通过使用 Linux perf 工具分析性能计数器事件来收集低级系统信息,然后应用机器学习技术来分析数据。实现了一种使用数据时间序列分析的新方法,以找出攻击过程的执行轨迹与加密密钥的相关性,这有助于处理误报和未知攻击。本文还对所提出模型的检测机制及其安全性分析进行了详细的理论分析。实验结果表明,该方法优于现有技术报告的技术,具有检测精度高、误报率低、
更新日期:2021-01-29
中文翻译:
受害者可以成为救世主
微架构侧信道攻击是对数学上最复杂的加密算法的主要威胁。尽管存在多种防御技术,但实施对策的开销仍然是一个值得关注的问题。一个有前途的策略是为这些攻击开发在线检测和预防方法。尽管最近的一些研究已经为这些攻击的某些类别设计了在线预防机制,但仍有其他类别仍未被发现。此外,以最小的误报检测这些侧信道攻击是一项具有挑战性的工作,因为它们的行为与计算密集型应用程序的相似性。本文提出了一种基于广义机器学习的多层检测技术,针对这些微架构侧信道攻击,而不仅限于单一类别的攻击。所提出的机制通过使用 Linux perf 工具分析性能计数器事件来收集低级系统信息,然后应用机器学习技术来分析数据。实现了一种使用数据时间序列分析的新方法,以找出攻击过程的执行轨迹与加密密钥的相关性,这有助于处理误报和未知攻击。本文还对所提出模型的检测机制及其安全性分析进行了详细的理论分析。实验结果表明,该方法优于现有技术报告的技术,具有检测精度高、误报率低、
京公网安备 11010802027423号