EAGER: Side Channels Go Deep - Leveraging Deep Learning for Side-channel Analysis and Protection

EAGER：侧信道深入——利用深度学习进行侧信道分析和保护

• 批准号: 2212010
• 负责人: Yunsi Fei
• 金额: $ 30万
• 依托单位: Northeastern University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-07-01 至 2024-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2212010&HistoricalAwards=false
• 关键词: EAGER; Side; Channels; Go; Deep

Side-channel attacks (SCAs) have presented serious threats to confidentiality and privacy in various areas including finance, transportation, mobile communications, and clouds. The new exploits, Meltdown and Spectre, have revealed that indispensable performance-related optimizations of modern computer architecture have turned into fundamental vulnerabilities for information leakage. However, finding SCA leakage thoroughly on real systems can be challenging, and inferior leakage evaluation methods used by the system developer would result in devices or software without appropriate protection entering field operations, vulnerable to dedicated adversaries possessing more sophisticated attacks. The recent advancement of machine learning techniques, particularly deep neural networks (DNNs), has facilitated SCAs to learn and utilize side-channel power leakage of complex forms, resulting in outperforming the strongest classic template attacks and even breaking certain common SCA countermeasures. Power leakage and security evaluation has shifted to DL-based methods. However, there is little application of DNNs in microarchitectural attacks, despite the surging discovery and exploitation of vulnerable microarchitectures. This project aims to leverage the rapidly evolving advances of deep learning in both microarchitectural SCAs and countermeasures. The novelties of the project lie in both a new microarchitecture monitor and the follow-on data analytic and system obfuscation methods. The project's broad significance and importance are it will advance the state-of-the-art on microarchitectural attacks, side-channel security evaluation, and protection against confidentiality and privacy breach.This project investigates foundational issues of applying deep learning techniques for both microarchitectural side-channel analysis and protection. The technical approach includes a persistent cache monitoring mechanism, which significantly improves the observability of the victim execution by the spy and captures detailed information leakage in timing traces. Appropriate DNN models are being built to exploit the timing traces for secret retrieval. The entire framework of microarchitectural monitoring and deep learning-based attacks is applicable to diverse platforms, enabled by cross-device transfer learning and generative adversarial networks (GANs). The concept of adversarial examples is being leveraged to direct novel effective countermeasures against DL-based side-channel attacks. The outcome of this project, thorough DL-based side-channel attacks, sound security evaluation, and efficient protections, will have profound impact in securing the clouds and critical systems and infrastructures.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

侧信道攻击（sca）对金融、交通、移动通信和云计算等各个领域的机密性和隐私性构成了严重威胁。新的漏洞，Meltdown和Spectre，揭示了现代计算机架构中不可或缺的与性能相关的优化已经变成了信息泄露的基本漏洞。然而，在实际系统上彻底发现SCA泄漏可能具有挑战性，系统开发人员使用的劣质泄漏评估方法将导致没有适当保护的设备或软件进入现场操作，容易受到拥有更复杂攻击的专门对手的攻击。最近机器学习技术的进步，特别是深度神经网络（dnn），促进了SCA学习和利用复杂形式的侧信道功率泄漏，从而优于最强的经典模板攻击，甚至打破了某些常见的SCA对策。电力泄漏和安全评估已经转向基于dl的方法。然而，尽管对脆弱微架构的发现和利用激增，但dnn在微架构攻击中的应用很少。该项目旨在利用微架构sca和对策中快速发展的深度学习。该项目的新颖之处在于一个新的微体系结构监视器和后续的数据分析和系统混淆方法。该项目的广泛意义和重要性在于它将推动微架构攻击，侧通道安全评估以及防止机密性和隐私泄露的最新技术。该项目研究了将深度学习技术应用于微架构侧通道分析和保护的基础问题。该技术方法包括一个持久的缓存监控机制，该机制显著提高了间谍对受害者执行的可观察性，并捕获了定时跟踪中泄漏的详细信息。正在建立适当的深度神经网络模型，以利用时间轨迹进行秘密检索。微架构监控和基于深度学习的攻击的整个框架适用于不同的平台，通过跨设备迁移学习和生成对抗网络（gan）实现。对抗性示例的概念正被用于指导针对基于dl的侧信道攻击的新颖有效对策。该项目的成果是基于dl的彻底的侧信道攻击，完善的安全评估和有效的防护，将对云和关键系统和基础设施的安全产生深远的影响。该奖项反映了美国国家科学基金会的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

A Guessing Entropy-Based Framework for Deep Learning-Assisted Side-Channel Analysis

用于深度学习辅助侧信道分析的基于猜测熵的框架

• DOI: 10.1109/tifs.2023.3273169
• 发表时间: 2023
• 期刊: IEEE Transactions on Information Forensics and Security
• 影响因子: 6.8
• 作者: Zhang, Ziyue;Ding, A. Adam;Fei, Yunsi
• 通讯作者: Fei, Yunsi

Understanding and Quantifying Adversarial Examples Existence in Linear Classification

• DOI: 10.1109/icmlc56445.2022.9941315
• 发表时间: 2019-10
• 期刊: 2022 International Conference on Machine Learning and Cybernetics (ICMLC)
• 作者: Xupeng Shi;A. Ding

A Cross-Platform Cache Timing Attack Framework via Deep Learning

基于深度学习的跨平台缓存定时攻击框架

• DOI: 10.23919/date54114.2022.9774612
• 发表时间: 2022
• 期刊: IEEE Design Automation and Test in Europe 2-22
• 作者: Ding, Ruyi;Zhang, Ziyue;Zhang, Xiang;Gongye, Cheng;Fei, Yunsi;Ding, Aidong A.
• 通讯作者: Ding, Aidong A.

Ran$Net: An Anti-Ransomware Methodology based on Cache Monitoring and Deep Learning

Ran$Net：基于缓存监控和深度学习的反勒索软件方法

• DOI: 10.1145/3526241.3530830
• 发表时间: 2022
• 期刊: Great Lake Symposium on VLSI 2022
• 作者: Zhang, Xiang;Zhang, Ziyue;Ding, Ruyi;Gongye, Cheng;Ding, Aidong Adam;Fei, Yunsi
• 通讯作者: Fei, Yunsi

EMShepherd: Detecting Adversarial Samples via Side-channel Leakage

• DOI: 10.1145/3579856.3582827
• 发表时间: 2023-03
• 期刊: Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security
• 作者: Ruyi Ding;Gongye Cheng;Siyue Wang;A. A. Ding-A.;Yunsi Fei