Towards Robust Side Channel Attacks with Machine Learning

Author: Wang, Chenggang
Language: English
Year of publication: 2023
Subject:
Document type: Text
Description: Users' privacy and data security are under unprecedented threat because of the growing use of the Internet and digital devices; one example of such a threat is side-channel attacks. Side-channel attacks are a class of cyber-attacks in which the attacker tries to exploit physical side-channel information leakage to recover critical information of a user. The research on side-channel attacks has made significant progress and remains a hot topic. Deep learning based side-channel attack methods have shown advantages in many aspects. However, these methods face critical limitations: insufficient labeled training data and data distribution shifts, which cause side-channel attacks to fail. Our research focuses on these problems and investigates two specific side-channel attacks: 1) side-channel attack over encrypted network traffic (also called website fingerprinting); 2) side-channel attack on power consumption of micro-controllers (also called side-channel attack). My main focus and contributions are threefold:

Firstly, we studied website fingerprinting in a more real-world scenario: the attacker and the user have different network setups and website content updates frequently, which causes a well-trained model to become outdated in a few days, but the collection of labeled data could take more than 2 weeks. For this reason, the attacker cannot obtain enough labeled training data to perform the attack. Facing this challenge, we designed a novel website fingerprinting attack method based on the adversarial domain adaptation technique, which enables the attacker to perform the attack with less than 20 traces per website and achieve over 80% accuracy when the network setup is different.

Secondly, we studied the side-channel attack when the attacker cannot obtain a sufficient number of training traces, which causes the traditional deep learning based methods to fail to recover the key. To address this limitation, we proposed a novel side-channel attack based on the triplet network. The main idea of our method is to train a triplet network, which learns a robust distinguishable embedding for the side-channel attack with few traces. The experimental results show that our method can successfully recover the key with only 250 training traces while a CNN needs at least 4,000 training traces in profiling attacks. In addition, we extend our method to non-profiling attacks. Our method is also effective against countermeasures, such as masked AES and random delay.

Finally, we studied the side-channel attack when there are software-based discrepancies between the user and attacker. In the real world, the encryption software running on the digital device may have many variations, such as random delay, different compiler optimization levels, code rewriting applied to the source code, etc. This leads to a critical research question: what is the impact on side-channel data when they are collected with different software variations, and how can such discrepancies be mitigated? Such questions haven't been profoundly and thoroughly discussed in previous literature. In this project, we carefully examine 3 kinds of software-based discrepancies and propose novel attack methods to overcome such data domain shifts. Our work is the first effort in this direction.
Database: Networked Digital Library of Theses & Dissertations