Run-time Detection of Prime + Probe Side-Channel Attack on AES Encryption Algorithm

• Published in: 2018 Global Information Infrastructure and Networking Symposium (GIIS) pp. 1 - 5
• Main Authors: Mushtaq, Maria, Akram, Ayaz, Bhatti, Muhammad Khurram, Rais, Rao Naveed Bin, Lapotre, Vianney, Gogniat, Guy
• Format: Conference Proceeding
• Language: English
• Published: IEEE 01.10.2018
• Subjects: AES; Cryptography; Data models; Detection; Encryption; Hardware; HPCs; Machine learning; prime+Probe; Real-time systems; Side-channel attacks
• ISSN: 2150-329X
• DOI: 10.1109/GIIS.2018.8635767

This paper presents a run-time detection mechanism for access-driven cache-based Side-Channel Attacks (CSCAs) on Intel's x86 architecture. We demonstrate the detection capability and effectiveness of proposed mechanism on Prime+Probe attcks. The mechanism comprises of multiple machine learning models, which use real-time data from the HPCs for detection. Experiments are performed with two different implementations of AES cryptosystem while under Prime+Probe attack. We provide results under stringent design constraints such as: realistic system load conditions, real-time detection accuracy, speed, system-wide performance overhead and distribution of error (i.e., false positives and negatives) for the used machine learning models. Our results show detection accuracy of > 99% for Prime+Probe attack with performance overhead of 3-4% at the highest detection speed, i.e., within 1-2% completion of 4800 AES encryption rounds needed to complete a successful attack.