Run-time Detection of Prime + Probe Side-Channel Attack on AES Encryption Algorithm

This paper presents a run-time detection mechanism for access-driven cache-based Side-Channel Attacks (CSCAs) on Intel's x86 architecture. We demonstrate the detection capability and effectiveness of proposed mechanism on Prime+Probe attcks. The mechanism comprises of multiple machine learning...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:2018 Global Information Infrastructure and Networking Symposium (GIIS) s. 1 - 5
Hlavní autoři: Mushtaq, Maria, Akram, Ayaz, Bhatti, Muhammad Khurram, Rais, Rao Naveed Bin, Lapotre, Vianney, Gogniat, Guy
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: IEEE 01.10.2018
Témata:
AES
Cryptography
Data models
Detection
Encryption
Hardware
HPCs
Machine learning
prime+Probe
Real-time systems
Side-channel attacks
ISSN:2150-329X
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:This paper presents a run-time detection mechanism for access-driven cache-based Side-Channel Attacks (CSCAs) on Intel's x86 architecture. We demonstrate the detection capability and effectiveness of proposed mechanism on Prime+Probe attcks. The mechanism comprises of multiple machine learning models, which use real-time data from the HPCs for detection. Experiments are performed with two different implementations of AES cryptosystem while under Prime+Probe attack. We provide results under stringent design constraints such as: realistic system load conditions, real-time detection accuracy, speed, system-wide performance overhead and distribution of error (i.e., false positives and negatives) for the used machine learning models. Our results show detection accuracy of > 99% for Prime+Probe attack with performance overhead of 3-4% at the highest detection speed, i.e., within 1-2% completion of 4800 AES encryption rounds needed to complete a successful attack.
ISSN:2150-329X
DOI:10.1109/GIIS.2018.8635767