Power-Based Side-Channel Attacks on Program Control Flow with Machine Learning Models-Reference-Cited by-同舟云学术

Power-Based Side-Channel Attacks on Program Control Flow with Machine Learning Models

Published:2023-07-07 Issue:3 Volume:3 Page:351-363
ISSN:2624-800X
Container-title:Journal of Cybersecurity and Privacy
language:en
Short-container-title:JCP

Author:

Robins Andey¹^ORCID,Olguin Stone²^ORCID,Brown Jarek²^ORCID,Carper Clay²,Borowczak Mike¹^ORCID

Affiliation:

1. Department of Electrical and Computer Engineering, University of Central Florida, Orlando, FL 32816, USA

2. Department of Electrical Engineering and Computer Science, University of Wyoming, Laramie, WY 82070, USA

Abstract

The control flow of a program represents valuable and sensitive information; in embedded systems, this information can take on even greater value as the resources, control flow, and execution of the system have more constraints and functional implications than modern desktop environments. Early works have demonstrated the possibility of recovering such control flow through power-based side-channel attacks in tightly constrained environments; however, they relied on meaningful differences in computational states or data dependency to distinguish between states in a state machine. This work applies more advanced machine learning techniques to state machines which perform identical operations in all branches of control flow. Complete control flow is recovered with 99% accuracy even in situations where 97% of work is outside of the control flow structures. This work demonstrates the efficacy of these approaches for recovering control flow information; continues developing available knowledge about power-based attacks on program control flow; and examines the applicability of multiple standard machine learning models to the problem of classification over power-based side-channel information.

Funder

INL Laboratory Directed Research & Development (LDRD) Program under the DOE Battelle Energy Alliance Standard Research Contract

the University of Wyoming’s Nell Templeton Endowment

Publisher

MDPI AG

Subject

General Medicine

Link

https://www.mdpi.com/2624-800X/3/3/18/pdf

Reference29 articles.

1. Carper, C., Robins, A., and Borowczak, M. (2022, January 23–26). Transition Recovery Attack on Embedded State Machines Using Power Analysis. Proceedings of the 2022 IEEE 40th International Conference on Computer Design (ICCD), Olympic Valley, CA, USA.

2. O’flynn, C., and Chen, Z. (2014). Constructive Side-Channel Analysis and Secure Design, Proceedings of the 5th International Workshop, COSADE 2014, Paris, France, 13–15 April 2014, Springer. Revised Selected Papers 5.

3. Kocher, P., Jaffe, J., and Jun, B. (1999). Advances in Cryptology—CRYPTO ’99, Proceedings of the Annual International Cryptology Conference, Santa Barbara, CA, USA, 15–19 August 1999, Springer.

4. Randolph, M., and Diehl, W. (2020). Power side-channel attack analysis: A review of 20 years of study for the layman. Cryptography, 4.

5. Gangolli, A., Mahmoud, Q.H., and Azim, A. (2022). A systematic review of fault injection attacks on IOT systems. Electronics, 11.