Cryptology ePrint Archive: Report 2015/1034

Real time detection of cache-based side-channel attacks using Hardware Performance Counters

Marco Chiappetta and Erkay Savas and Cemal Yilmaz

Abstract: In this paper we analyze three methods to detect cache-based side-channel attacks in real time, preventing or limiting the amount of leaked information. Two of the three methods are based on machine learning techniques and all the three of them can successfully detect an attacker in about one fifth of the time required to complete the attack. There were no false positives in our test environment. Moreover we could not measure a change in the execution time of the processes involved in the attack, meaning there is no perceivable overhead. We also analyze how the detection systems behave with a modified version of one of the spy processes. With some optimization we are confident these systems can be used in real world scenarios.

Category / Keywords: applications / hardware performance counters, cache, side-channel, aes, ecdsa, spy, defense

Date: received 24 Oct 2015, last revised 27 Oct 2015

Contact author: marcoc at sabanciuniv edu

Available format(s): PDF | BibTeX Citation

Version: 20151027:144945 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]