In this work, we ﬁrst present a low-cost, anomaly-based semi-supervised approach, which is instrumental in detecting the presence of ongoing side-channel attacks at runtime. We are, in particular, concerned with attacks that are carried out by creating intentional contentions in shared resources with cryptographic applications using a “spy” process. At a very high level, the approach quantiﬁes contentions in shared resources, associates these contentions with processes, such as with a victim process, and issues a warning at runtime whenever the contentions reach a “suspicious” level. We then adapt this approach to detect the presence of four different types of cache-based side-channel attacks, namely prime-and-probe attacks on advanced encryption standard (AES), ﬂush-and-reload attacks on AES and elliptic curve digital signature algorithm with Montgomery ladder algorithm, and Flush + Flush attacks on AES. To this end, we vary the shared resources monitored, the level of granularity at which the contentions in these resources are quantiﬁed, and the way the suspicious levels of contentions are detected. We evaluate the proposed approach also in cross-virtual machine setups (when applicable). The results of our experiments support our basic hypothesis that spy processes, which leverage information leaked by cryptographic applications through some shared resources, ironically
International Journal of Information Security – Springer Journals
Published: Jun 2, 2018
It’s your single place to instantly
discover and read the research
that matters to you.
Enjoy affordable access to
over 18 million articles from more than
15,000 peer-reviewed journals.
All for just $49/month
Query the DeepDyve database, plus search all of PubMed and Google Scholar seamlessly
Save any article or search result from DeepDyve, PubMed, and Google Scholar... all in one place.
Get unlimited, online access to over 18 million full-text articles from more than 15,000 scientific journals.
Read from thousands of the leading scholarly journals from SpringerNature, Elsevier, Wiley-Blackwell, Oxford University Press and more.
All the latest content is available, no embargo periods.
“Hi guys, I cannot tell you how much I love this resource. Incredible. I really believe you've hit the nail on the head with this site in regards to solving the research-purchase issue.”Daniel C.
“Whoa! It’s like Spotify but for academic articles.”@Phil_Robichaud
“I must say, @deepdyve is a fabulous solution to the independent researcher's problem of #access to #information.”@deepthiw
“My last article couldn't be possible without the platform @deepdyve that makes journal papers cheaper.”@JoseServera