Cryptology ePrint Archive: Report 2019/978

Strength in Numbers: Improving Generalization with Ensembles in Profiled Side-channel Analysis

Guilherme Perin and Lukasz Chmielewski and Stjepan Picek

Abstract: The adoption of deep neural networks for profiled side-channel attacks provides powerful options for leakage detection and key retrieval of secure products. When training a neural network for side-channel analysis, it is expected that the trained model can implement an approximation function that can detect leaking side-channel samples and, at the same time, be insensible to noisy (or non-leaking) samples. This outlines a generalization situation where the model can identify the main representations learned from the training set in a separate test set. In this paper, we first discuss how output class probabilities represent a strong metric when conducting the side-channel analysis. Further, we observe that these output probabilities are sensitive to small changes, like the selection of specific test traces or weight initialization for a neural network. Next, we discuss the hyper-parameter tuning, where one commonly uses only a single out of dozens of trained models, where each of those models will result in different output probabilities. We show how ensembles of machine learning models based on averaged class probabilities can improve generalization. Our results emphasize that ensembles increase the performance of a profiled side-channel attack and reduce the variance of results stemming from different groups of hyper-parameters, regardless of the selected dataset or leakage model.

Category / Keywords: applications / Side-Channel Analysis, Deep Learning, Model Generalization, Ensemble Learning

Original Publication (in the same form): IACR-CHES-2020
DOI:
10.13154/tches.v2020.i4.337-364

Date: received 27 Aug 2019, last revised 16 Oct 2020

Contact author: guilhermeperin7 at gmail com, lukchmiel at gmail com, picek stjepan at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20201016:145929 (All versions of this report)

Short URL: ia.cr/2019/978


[ Cryptology ePrint archive ]