Cryptology ePrint Archive: Report 2019/978

Deep Learning Model Generalization in Side-Channel Analysis

Guilherme Perin

Abstract: The adoption of deep neural networks for profiled side-channel attacks provides different capabilities for leakage detection of secure products. Research papers provide a variety of arguments with respect to model interpretability and the selection of adequate hyper-parameters for each target under evaluation. When training a neural network for side-channel leakage classification, it is expected that the trained model is able to implement an approximation function that can detect leaking side-channel samples and, at the same time, be insensible to noisy (or non-leaking) samples. This is basically a generalization situation where the model can identify main representations learned from the training set in a separate test set. Very few understanding has been achieved in order to demonstrate if a trained model is actually generalizing for the current side-channel problem. In this paper, we provide guidelines for a correct interpretation of model's generalization in side-channel analysis. We detail how class probabilities provided by the output layer are very informative for the understanding of generalization and how they can be used as an important validation metric. Moreover, we demonstrate that ensemble learning based on averaged class probabilities improves the generalization of neural networks in side-channel attacks.

Category / Keywords: applications / Side-Channel Analysis, Deep Learning, Model Generalization, Ensemble Learning

Date: received 27 Aug 2019, last revised 29 Aug 2019

Contact author: guilhermeperin7 at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20190829:111314 (All versions of this report)

Short URL: ia.cr/2019/978


[ Cryptology ePrint archive ]