EAGER: Side Channels Go Deep - Leveraging Deep Learning for Side-channel Analysis and Protection

EAGER：侧信道深入——利用深度学习进行侧信道分析和保护

• 批准号: 2212010
• 负责人: Yunsi Fei
• 金额: $ 30万
• 依托单位: Northeastern University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-07-01 至 2024-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2212010&HistoricalAwards=false
• 关键词: EAGER; Side; Channels; Go; Deep

Side-channel attacks (SCAs) have presented serious threats to confidentiality and privacy in various areas including finance, transportation, mobile communications, and clouds. The new exploits, Meltdown and Spectre, have revealed that indispensable performance-related optimizations of modern computer architecture have turned into fundamental vulnerabilities for information leakage. However, finding SCA leakage thoroughly on real systems can be challenging, and inferior leakage evaluation methods used by the system developer would result in devices or software without appropriate protection entering field operations, vulnerable to dedicated adversaries possessing more sophisticated attacks. The recent advancement of machine learning techniques, particularly deep neural networks (DNNs), has facilitated SCAs to learn and utilize side-channel power leakage of complex forms, resulting in outperforming the strongest classic template attacks and even breaking certain common SCA countermeasures. Power leakage and security evaluation has shifted to DL-based methods. However, there is little application of DNNs in microarchitectural attacks, despite the surging discovery and exploitation of vulnerable microarchitectures. This project aims to leverage the rapidly evolving advances of deep learning in both microarchitectural SCAs and countermeasures. The novelties of the project lie in both a new microarchitecture monitor and the follow-on data analytic and system obfuscation methods. The project's broad significance and importance are it will advance the state-of-the-art on microarchitectural attacks, side-channel security evaluation, and protection against confidentiality and privacy breach.This project investigates foundational issues of applying deep learning techniques for both microarchitectural side-channel analysis and protection. The technical approach includes a persistent cache monitoring mechanism, which significantly improves the observability of the victim execution by the spy and captures detailed information leakage in timing traces. Appropriate DNN models are being built to exploit the timing traces for secret retrieval. The entire framework of microarchitectural monitoring and deep learning-based attacks is applicable to diverse platforms, enabled by cross-device transfer learning and generative adversarial networks (GANs). The concept of adversarial examples is being leveraged to direct novel effective countermeasures against DL-based side-channel attacks. The outcome of this project, thorough DL-based side-channel attacks, sound security evaluation, and efficient protections, will have profound impact in securing the clouds and critical systems and infrastructures.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

侧通道攻击（SCAS）在包括金融，运输，移动通信和云在内的各个领域对机密性和隐私构成了严重威胁。新的漏洞利用融化和幽灵表明，现代计算机体系结构与不可或缺的性能相关的优化已经变成了信息泄漏的根本脆弱性。但是，在真实系统上彻底找到SCA泄漏可能是具有挑战性的，并且系统开发人员使用的较低泄漏评估方法将导致设备或软件，而无需适当的保护进入现场操作，这很容易受到具有更复杂攻击的专用对手的影响。机器学习技术的最新进步，尤其是深神经网络（DNNS），促进了SCAS学习和利用复杂形式的侧向通道功率泄漏，从而超过了最强的经典模板攻击，甚至超出了某些常见的SCA对策。电源泄漏和安全评估已转移到基于DL的方法。但是，尽管发现和剥削了脆弱的微体系结构，但DNN在微体系攻击中几乎没有应用。该项目旨在利用微观构造SCA和对策的深度学习的快速发展。该项目的新颖性在于新的微结构监视器以及后续数据分析和系统混淆方法。该项目的广泛意义和重要性在于它将在微体系攻击，侧渠道安全评估以及防止机密性和隐私违反的保护方面提高最新作用。该项目研究了将深度学习技术应用于微观结构的侧渠道分析和保护的基础问题。技术方法包括一种持续的缓存监视机制，该机制可大大提高间谍的受害者执行能力，并捕获正时轨迹中的详细信息泄漏。正在构建适当的DNN模型，以利用定时迹线进行秘密检索。 微体系检查监测和基于深度学习的攻击的整个框架适用于各种平台，这是通过跨设备转移学习和生成的对抗网络（GAN）实现的。对抗性例子的概念是利用来指导针对基于DL的侧通道攻击的新型有效对策。该项目的结果，基于DL的侧渠道攻击，合理的安全评估以及有效的保护，将对确保云，关键的系统和基础设施产生深远的影响。该奖项反映了NSF的法定任务，并被认为是值得通过基金会的智力和更广泛影响的评估来通过评估来支持的，这是值得的。

项目成果

A Guessing Entropy-Based Framework for Deep Learning-Assisted Side-Channel Analysis

用于深度学习辅助侧信道分析的基于猜测熵的框架

• DOI: 10.1109/tifs.2023.3273169
• 发表时间: 2023
• 期刊: IEEE Transactions on Information Forensics and Security
• 影响因子: 6.8
• 作者: Zhang, Ziyue;Ding, A. Adam;Fei, Yunsi
• 通讯作者: Fei, Yunsi

Understanding and Quantifying Adversarial Examples Existence in Linear Classification

• DOI: 10.1109/icmlc56445.2022.9941315
• 发表时间: 2019-10
• 期刊: 2022 International Conference on Machine Learning and Cybernetics (ICMLC)
• 作者: Xupeng Shi;A. Ding

A Cross-Platform Cache Timing Attack Framework via Deep Learning

基于深度学习的跨平台缓存定时攻击框架

• DOI: 10.23919/date54114.2022.9774612
• 发表时间: 2022
• 期刊: IEEE Design Automation and Test in Europe 2-22
• 作者: Ding, Ruyi;Zhang, Ziyue;Zhang, Xiang;Gongye, Cheng;Fei, Yunsi;Ding, Aidong A.
• 通讯作者: Ding, Aidong A.

EMShepherd: Detecting Adversarial Samples via Side-channel Leakage

• DOI: 10.1145/3579856.3582827
• 发表时间: 2023-03
• 期刊: Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security
• 作者: Ruyi Ding;Gongye Cheng;Siyue Wang;A. A. Ding-A.;Yunsi Fei

Ran$Net: An Anti-Ransomware Methodology based on Cache Monitoring and Deep Learning

Ran$Net：基于缓存监控和深度学习的反勒索软件方法

• DOI: 10.1145/3526241.3530830
• 发表时间: 2022
• 期刊: Great Lake Symposium on VLSI 2022
• 作者: Zhang, Xiang;Zhang, Ziyue;Ding, Ruyi;Gongye, Cheng;Ding, Aidong Adam;Fei, Yunsi
• 通讯作者: Fei, Yunsi