基于机器学习的多目标缓存侧信道攻击检测模型

Multi-object cache side-channel attack detection model based on machine learning

当前缓存侧信道攻击检测技术主要针对单一攻击模式,对2~3种攻击的检测方法有限,无法全面覆盖;此外,尽管对单一攻击的检测精度高,但随着攻击数增加,精度下降,容易产生误报。为了有效检测缓存侧信道攻击,利用硬件性能计数器(HPC)采集不同的缓存侧信道攻击特征,结合机器学习算法,提出一种基于机器学习的多目标缓存侧信道攻击检测模型。首先,分析不同缓存侧信道攻击方式的相关特征,精选关键特征并收集数据集;其次,进行独立的训练,建立针对每种攻击方式的检测模型;最后,在检测时将测试数据并行送入多个模型中,根据检测结果判断是否存在某种缓存侧信道攻击。实验结果显示,所提模型在检测Flush+Reload、Flush+Flush和Prime+Probe这3种缓存侧信道攻击时,分别达到99.91%、98.69%和99.54%的高准确率,即使在同时存在多种攻击的情况下,也能准确识别各种攻击方式。

Current cache side-channel attack detection technology mainly aims at a single attack mode.The detection methods for two to three attacks are limited and cannot fully cover them.In addition,although the detection accuracy of a single attack is high,as the number of attacks increases,the accuracy decreases and false positives are easily generated.To effectively detect cache side-channel attacks,a multi-object cache side-channel attack detection model based on machine learning was proposed,which utilized Hardware Performance Counter(HPC)to collect various cache side-channel attack features.Firstly,relevant feature analysis was conducted on various cache side-channel attack modes,and key features were selected and data sets were collected.Then,independent training was carried out to establish a detection model for each attack mode.Finally,during detection,test data was input into multiple models in parallel.The detection results from multiple models were employed to ascertain the presence of any cache side-channel attack.Experimental results show that the proposed model reaches high accuracies of 99.91%,98.69%and 99.54%respectively when detecting three cache side-channel attacks:Flush+Reload,Flush+Flush and Prime+Probe.Even when multiple attacks exist at the same time,various attack modes can be accurately identified.