Online Synthesis of Adaptive Side-Channel Attacks Based On Noisy Observations

被引:12
作者
Bang, Lucas [1 ]
Rosner, Nicolas [1 ]
Bultan, Tevfik [1 ]
机构
[1] Univ Calif Santa Barbara, Dept Comp Sci, Santa Barbara, CA 93106 USA
来源
2018 3RD IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY (EUROS&P 2018) | 2018年
关键词
D O I
10.1109/EuroSP.2018.00029
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
We present an automated technique for synthesizing adaptive attacks to extract information from program functions that leak secret data through a side channel. We synthesize attack steps dynamically and consider noisy program environments. Our approach consists of an offline profiling phase using symbolic execution, witness generation, and profiling to construct a noise model. During our online attack synthesis phase, we use weighted model counting and numeric optimization to automatically synthesize attack inputs. We experimentally evaluate the effectiveness of our approach on DARPA benchmark programs created for testing side-channel analysis techniques.
引用
收藏
页码:307 / 322
页数:16
相关论文
共 40 条
[1]  
Alvim Mario<prime>S., 2010, INFORM FLOW INTERACT, P102
[2]  
[Anonymous], 2017, MATH VERS 11
[3]  
[Anonymous], 2015, 22 ANN NETW DISTR SY
[4]  
[Anonymous], 2016, NDSS
[5]  
Antonopoulos Timos, 2016, DECOMPOSITION INSTEA
[6]  
Apogee Research, 2017, DARPA STAC PROJ PUBL
[7]   Automatic Discovery and Quantification of Information Leaks [J].
Backes, Michael ;
Koepf, Boris ;
Rybalchenko, Andrey .
PROCEEDINGS OF THE 2009 30TH IEEE SYMPOSIUM ON SECURITY AND PRIVACY, 2009, :141-+
[8]  
Bang Lucas, 2016, P 24 ACM SIGSOFT INT
[9]   A POLYNOMIAL-TIME ALGORITHM FOR COUNTING INTEGRAL POINTS IN POLYHEDRA WHEN THE DIMENSION IS FIXED [J].
BARVINOK, AI .
MATHEMATICS OF OPERATIONS RESEARCH, 1994, 19 (04) :769-779
[10]  
Brumley D, 2003, USENIX ASSOCIATION PROCEEDINGS OF THE 12TH USENIX SECURITY SYMPOSIUM, P1
1234