Paper 2019/978
Deep Learning Model Generalization in Side-Channel Analysis
Guilherme Perin
Abstract
The adoption of deep neural networks for profiled side-channel attacks provides different capabilities for leakage detection of secure products. Research papers provide a variety of arguments with respect to model interpretability and the selection of adequate hyper-parameters for each target under evaluation. When training a neural network for side-channel leakage classification, it is expected that the trained model is able to implement an approximation function that can detect leaking side-channel samples and, at the same time, be insensible to noisy (or non-leaking) samples. This is basically a generalization situation where the model can identify main representations learned from the training set in a separate test set. Very few understanding has been achieved in order to demonstrate if a trained model is actually generalizing for the current side-channel problem. In this paper, we provide guidelines for a correct interpretation of model's generalization in side-channel analysis. We detail how class probabilities provided by the output layer are very informative for the understanding of generalization and how they can be used as an important validation metric. Moreover, we demonstrate that ensemble learning based on averaged class probabilities improves the generalization of neural networks in side-channel attacks.
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Preprint. MINOR revision.
- Keywords
- Side-Channel AnalysisDeep LearningModel GeneralizationEnsemble Learning
- Contact author(s)
- guilhermeperin7 @ gmail com
- History
- 2020-10-16: last of 3 revisions
- 2019-08-29: received
- See all versions
- Short URL
- https://ia.cr/2019/978
- License
-
CC BY