Hardware and software have failed to securely manage the sensitive elements of cryptographic algorithms in computational environment due to memory contentions. This opened new opportunities for hackers to carry out side channel attacks on a system and steal sensitive data. Existing Side-channel attack techniques show that attackers can exploit the microarchitecture and OS vulnerabilities. The recent Meltdown attack for instance, using Flush+Reload technique, exploits program execution attributes such as “out-of-order execution” to break the logical isolation between the memories and processes. In this paper, we have developed a real-time detection and identification system against side-channel attacks. Unlike previous works, the proposed approach does not rely on synchronisation between the attackers and victims. This is realised by taking a course of program phase analysis, through performance counters, to extract Malicious Loop (ML). Simulation has shown that the proposed approach attained higher accuracy for up to 99% and efficient detection of Flush+Reload activities, through classification methods. Furthermore, the detection process, in native and cloud systems, unlike others, takes shorter execution time without additional costs, and the model benefits from very low overhead performance of approximately less than 1% of the host system.
|Title of host publication
|Proceedings of the 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)
|Cyril Onwubiko, Xavier Bellekens, Arnau Erola
|Institute of Electrical and Electronics Engineers Inc.
|Number of pages
|Published - 31 Oct 2019
|Cyber Science 2019 - University of Oxford, Oxford, United Kingdom
Duration: 3 Jun 2019 → 4 Jun 2019
|Cyber Science 2019
|3/06/19 → 4/06/19