Paper 2015/1034

Real time detection of cache-based side-channel attacks using Hardware Performance Counters

Marco Chiappetta, Erkay Savas, and Cemal Yilmaz

Abstract

In this paper we analyze three methods to detect cache-based side-channel attacks in real time, preventing or limiting the amount of leaked information. Two of the three methods are based on machine learning techniques and all the three of them can successfully detect an attacker in about one fifth of the time required to complete the attack. There were no false positives in our test environment. Moreover we could not measure a change in the execution time of the processes involved in the attack, meaning there is no perceivable overhead. We also analyze how the detection systems behave with a modified version of one of the spy processes. With some optimization we are confident these systems can be used in real world scenarios.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. MINOR revision.
Keywords
hardware performance counterscacheside-channelaesecdsaspydefense
Contact author(s)
marcoc @ sabanciuniv edu
History
2015-10-27: revised
2015-10-27: received
See all versions
Short URL
https://ia.cr/2015/1034
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/1034,
      author = {Marco Chiappetta and Erkay Savas and Cemal Yilmaz},
      title = {Real time detection of cache-based side-channel attacks using Hardware Performance Counters},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/1034},
      year = {2015},
      url = {https://eprint.iacr.org/2015/1034}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.