Journal of Computer Applications ›› 2024, Vol. 44 ›› Issue (6): 1862-1871.DOI: 10.11772/j.issn.1001-9081.2023060787

Special Issue: 网络空间安全

• Cyber security • Previous Articles     Next Articles

Multi-object cache side-channel attack detection model based on machine learning

Zihao YAO1,2, Yuanming LI3, Ziqiang MA1,2(), Yang LI1,2, Lianggen WEI1,2   

  1. 1.School of Information Engineering,Ningxia University,Yinchuan Ningxia 750021,China
    2.Collaborative Innovation Center for Big Data and Artificial Intelligence Co?founded by Ningxia Municipality and Ministry of Education (Ningxia University),Yinchuan Ningxia 750021,China
    3.BYD Automobile Company Limited,Yinchuan Ningxia 750101,China
  • Received:2023-06-26 Revised:2023-10-14 Accepted:2023-10-23 Online:2023-11-01 Published:2024-06-10
  • Contact: Ziqiang MA
  • About author:YAO Zihao, born in 1999, M. S. candidate. His research interests include computer system security, cache side-channel attack and defense.
    LI Yuanming, born in 1996, M. S. candidate. His research interests include computer system security, cache side-channel attack and defense.
    LI Yang, born in 1999, M. S. candidate. His research interests include computer system security, cache side-channel attack and defense, transient attack.
    WEI Lianggen, born in 1997, M. S. candidate. His research interests include computer system security, lattice attack, lattice cipher.
  • Supported by:
    Talent Introduction Project of Ningxia Key Research and Development Program(2021BEB04047);Ningxia Natural Science Foundation(2021AAC03078);Ningxia Key Research and Development Program(2022BDE03008)

基于机器学习的多目标缓存侧信道攻击检测模型

姚梓豪1,2, 栗远明3, 马自强1,2(), 李扬1,2, 魏良根1,2   

  1. 1.宁夏大学 信息工程学院, 银川 750021
    2.宁夏大数据与人工智能省部共建协同创新中心 (宁夏大学), 银川 750021
    3.比亚迪汽车有限公司, 银川 750101
  • 通讯作者: 马自强
  • 作者简介:姚梓豪(1999—),男,安徽省阜阳人,硕士研究生,主要研究方向:计算机系统安全、缓存侧信道攻击与防御
    栗远明(1996—),男,宁夏吴忠人,硕士研究生,主要研究方向:计算机系统安全、缓存侧信道攻击与防御
    李扬(1999—),男,江西上饶人,硕士研究生,主要研究方向:计算机系统安全、缓存侧信道攻击与防御、瞬态攻击
    魏良根(1997—),男,四川成都人,硕士研究生,主要研究方向:计算机系统安全、格攻击、格密码。
  • 基金资助:
    宁夏重点研发计划引才专项(2021BEB04047);宁夏自然科学基金资助项目(2021AAC03078);宁夏重点研发计划项目(2022BDE03008)

Abstract:

Current cache side-channel attack detection technology mainly aims at a single attack mode. The detection methods for two to three attacks are limited and cannot fully cover them. In addition, although the detection accuracy of a single attack is high, as the number of attacks increases, the accuracy decreases and false positives are easily generated. To effectively detect cache side-channel attacks, a multi-object cache side-channel attack detection model based on machine learning was proposed, which utilized Hardware Performance Counter (HPC) to collect various cache side-channel attack features. Firstly, relevant feature analysis was conducted on various cache side-channel attack modes, and key features were selected and data sets were collected. Then, independent training was carried out to establish a detection model for each attack mode. Finally, during detection, test data was input into multiple models in parallel. The detection results from multiple models were employed to ascertain the presence of any cache side-channel attack. Experimental results show that the proposed model reaches high accuracies of 99.91%, 98.69% and 99.54% respectively when detecting three cache side-channel attacks: Flush+Reload, Flush+Flush and Prime+Probe. Even when multiple attacks exist at the same time, various attack modes can be accurately identified.

Key words: cache side-channel attack, cache side-channel attack detection, Hardware Performance Counter (HPC), feature analysis, machine learning

摘要:

当前缓存侧信道攻击检测技术主要针对单一攻击模式,对2~3种攻击的检测方法有限,无法全面覆盖;此外,尽管对单一攻击的检测精度高,但随着攻击数增加,精度下降,容易产生误报。为了有效检测缓存侧信道攻击,利用硬件性能计数器(HPC)采集不同的缓存侧信道攻击特征,结合机器学习算法,提出一种基于机器学习的多目标缓存侧信道攻击检测模型。首先,分析不同缓存侧信道攻击方式的相关特征,精选关键特征并收集数据集;其次,进行独立的训练,建立针对每种攻击方式的检测模型;最后,在检测时将测试数据并行送入多个模型中,根据检测结果判断是否存在某种缓存侧信道攻击。实验结果显示,所提模型在检测Flush+Reload、Flush+Flush和Prime+Probe这3种缓存侧信道攻击时,分别达到99.91%、98.69%和99.54%的高准确率,即使在同时存在多种攻击的情况下,也能准确识别各种攻击方式。

关键词: 缓存侧信道攻击, 缓存侧信道攻击检测, 硬件性能计数器, 特征分析, 机器学习

CLC Number: