Real time detection of cache-based side-channel attacks using hardware performance counters
Autor: | Marco Chiappetta, Erkay Savas, Cemal Yilmaz |
---|---|
Rok vydání: | 2016 |
Předmět: |
QA075 Electronic computers. Computer science
Class (computer programming) Computer science business.industry Real-time computing 02 engineering and technology 020202 computer hardware & architecture Hardware performance counter Temporal resolution QA076 Computer software 0202 electrical engineering electronic engineering information engineering False positive paradox Overhead (computing) 020201 artificial intelligence & image processing Cache Side channel attack business Cache algorithms Software Computer hardware |
Zdroj: | Applied Soft Computing. 49:1162-1174 |
ISSN: | 1568-4946 |
DOI: | 10.1016/j.asoc.2016.09.014 |
Popis: | Graphical abstractDisplay Omitted HighlightsThree methods for detecting a class of cache-based side-channel attacks are proposed.A new tool (quickhpc) for probing hardware performance counters at a higher temporal resolution than the existing tools is presented.The first method is based on correlation, the other two use machine learning techniques and reach a minimum F-score of 0.93.A smarter attack is devised that is capable of circumventing the first method. In this paper we analyze three methods to detect cache-based side-channel attacks in real time, preventing or limiting the amount of leaked information. Two of the three methods are based on machine learning techniques and all the three of them can successfully detect an attack in about one fifth of the time required to complete it. We could not experience the presence of false positives in our test environment and the overhead caused by the detection systems is negligible. We also analyze how the detection systems behave with a modified version of one of the spy processes. With some optimization we are confident these systems can be used in real world scenarios. |
Databáze: | OpenAIRE |
Externí odkaz: |