Abstract
AES and ElGamal are two examples of cryptographic algorithms developed to protect data in a variety of domains, including native and cloud systems and mobile applications. There has been a good deal of research into side-channel attacks on these algorithms. This work conducts an experiment to detect the malicious loops inside Flush+Reload and Prime+Probe attack programs against AES by exploiting Hardware Performance Counters (HPC). The paper examines the accuracy and efficiency of three machine learning algorithms: a Neural Network (NN), the C4.5 Decision Tree, and K Nearest Neighbours (KNN). The study also shows how Standard Performance Evaluation Corporation (SPEC) CPU2006 benchmarks affect the predictions.
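As an added illustration, not code from the paper, the block below applies the KNN approach named in the abstract to HPC sampling windows: each window is a vector of counter readings that is turned into per-instruction rates and classified as a benign loop, a Flush+Reload loop or a Prime+Probe loop. The choice of counters, the sample readings and their labels are constructed assumptions, not the authors' data.

```python
import math
from collections import Counter

# Constructed per-window HPC readings (assumed, not the paper's data). Counters:
# (LLC load misses, L1D load misses, instructions retired, branch instructions)
RAW = [
    # benign compute loops: few cache misses per retired instruction
    ((800, 5_000, 1_000_000, 150_000), "benign"),
    ((1_200, 6_500, 950_000, 140_000), "benign"),
    ((600, 4_200, 1_100_000, 170_000), "benign"),
    ((1_500, 7_000, 900_000, 130_000), "benign"),
    # Flush+Reload: each iteration flushes then reloads one line -> one LLC miss per loop
    ((40_000, 42_000, 300_000, 100_000), "flush_reload"),
    ((38_000, 40_000, 310_000, 98_000), "flush_reload"),
    ((45_000, 47_000, 290_000, 105_000), "flush_reload"),
    ((42_000, 44_000, 305_000, 102_000), "flush_reload"),
    # Prime+Probe: walks whole eviction sets each probe -> L1D misses dominate
    ((30_000, 120_000, 500_000, 80_000), "prime_probe"),
    ((28_000, 115_000, 520_000, 78_000), "prime_probe"),
    ((33_000, 125_000, 480_000, 85_000), "prime_probe"),
    ((31_000, 118_000, 510_000, 82_000), "prime_probe"),
]

def features(llc, l1d, instr, br):
    """Express raw counts as events per 1000 retired instructions."""
    return (llc / instr * 1e3, l1d / instr * 1e3, br / instr * 1e3)

def scaler(rows):
    """Min-max bounds per feature, learned on the training rows only."""
    lo = [min(r[i] for r in rows) for i in range(len(rows[0]))]
    hi = [max(r[i] for r in rows) for i in range(len(rows[0]))]
    return lambda r: [(v - l) / ((h - l) or 1.0) for v, l, h in zip(r, lo, hi)]

def knn_predict(train, x, k=3):
    """Majority label among the k training windows nearest to window x."""
    rows = [features(*raw) for raw, _ in train]
    scale = scaler(rows)
    sx = scale(features(*x))
    dists = sorted((math.dist(scale(r), sx), lab) for r, (_, lab) in zip(rows, train))
    return Counter(lab for _, lab in dists[:k]).most_common(1)[0][0]

def leave_one_out_accuracy(data, k=3):
    """Hold out each window in turn and score it against the remaining windows."""
    hits = sum(knn_predict(data[:i] + data[i + 1:], raw, k) == lab
               for i, (raw, lab) in enumerate(data))
    return hits / len(data)
```

Scaling is fitted on the training windows only, so the held-out window never leaks its range into the model; swapping in readings from a memory-heavy benign benchmark is the quickest way to see where the classes start to overlap.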
Notes
1. The shared library that OpenSSL produces during compilation is libcrypto.so.
2. SPEC CPU2006 is widely used to evaluate the performance of computer systems: https://www.spec.org/.
© 2018 Springer International Publishing AG
Cite this paper
Allaf, Z., Adda, M., Gegov, A. (2018). A Comparison Study on Flush+Reload and Prime+Probe Attacks on AES Using Machine Learning Approaches. In: Chao, F., Schockaert, S., Zhang, Q. (eds) Advances in Computational Intelligence Systems. UKCI 2017. Advances in Intelligent Systems and Computing, vol 650. Springer, Cham. https://doi.org/10.1007/978-3-319-66939-7_17
DOI: https://doi.org/10.1007/978-3-319-66939-7_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-66938-0
Online ISBN: 978-3-319-66939-7
eBook Packages: Engineering (R0)