Real-Time Detection for Cache Side Channel Attack using Performance Counter Monitor

Cache side channel attacks extract secret information by monitoring the cache behavior of a victim. Normally, this attack targets an L3 cache, which is shared between a spy and a victim. Hence, a spy can obtain secret information without alerting the victim. To resist this attack, many detection techniques have been proposed. However, these approaches have limitations as they do not operate in real time. This article proposes a real-time detection method against cache side channel attacks. The proposed technique performs the detection of cache side channel attacks immediately after observing a variation of the CPU counters. For this, Intel PCM (Performance Counter Monitor) and machine learning algorithms are used to measure the value of the CPU counters. Throughout the experiment, several PCM counters recorded changes during the attack. From these observations, a detecting program was implemented by using these counters. The experimental results show that the proposed detection technique displays good performance for real-time detection in various environments.

Download Full-text

Real-Time Detection on Cache Side Channel Attacks using Performance Counter Monitor

2019 International Conference on Information and Communication Technology Convergence (ICTC) ◽

10.1109/ictc46691.2019.8939797 ◽

2019 ◽

Author(s):

JongHyeon Cho ◽

TaeHyun Kim ◽

TaeHun Kim ◽

Youngjoo Shin

Keyword(s):

Real Time ◽

Side Channel ◽

Side Channel Attacks ◽

Performance Counter ◽

Real Time Detection

Download Full-text

Real time detection of cache-based side-channel attacks using hardware performance counters

Applied Soft Computing ◽

10.1016/j.asoc.2016.09.014 ◽

2016 ◽

Vol 49 ◽

pp. 1162-1174 ◽

Cited By ~ 71

Author(s):

Marco Chiappetta ◽

Erkay Savas ◽

Cemal Yilmaz

Keyword(s):

Real Time ◽

Side Channel ◽

Side Channel Attacks ◽

Performance Counters ◽

Real Time Detection ◽

Hardware Performance Counters ◽

Hardware Performance

Download Full-text

Road surface real-time detection based on Raspberry Pi and recurrent neural networks

Transactions of the Institute of Measurement and Control ◽

10.1177/01423312211003372 ◽

2021 ◽

pp. 014233122110033

Author(s):

Junyi Wang ◽

Qinggang Meng ◽

Peng Shang ◽

Mohamad Saada

Keyword(s):

Machine Learning ◽

Neural Networks ◽

Real Time ◽

Recurrent Neural Networks ◽

Road Surface ◽

Machine Learning Algorithms ◽

Raspberry Pi ◽

Accuracy Rate ◽

Surface Detection ◽

Real Time Detection

This paper focuses on road surface real-time detection by using tripod dolly equipped with Raspberry Pi 3 B+, MPU 9250, which is convenient to collect road surface data and realize real-time road surface detection. Firstly, six kinds of road surfaces data are collected by utilizing Raspberry Pi 3 B+ and MPU 9250. Secondly, the classifiers can be obtained by adopting several machine learning algorithms, recurrent neural networks (RNN) and long short-term memory (LSTM) neural networks. Among the machine learning classifiers, gradient boosting decision tree has the highest accuracy rate of 97.92%, which improves by 29.52% compared with KNN with the lowest accuracy rate of 75.60%. The accuracy rate of LSTM neural networks is 95.31%, which improves by 2.79% compared with RNN with the accuracy rate of 92.52%. Finally, the classifiers are embedded into the Raspberry Pi to detect the road surface in real time, and the detection time is about one second. This road surface detection system could be used in wheeled robot-car and guiding the robot-car to move smoothly.

Download Full-text

A Survey of Prototype Side-channel Attacks Based on Machine Learning Algorithms for Cryptographic Chips

Journal of Physics Conference Series ◽

10.1088/1742-6596/1176/3/032005 ◽

2019 ◽

Vol 1176 ◽

pp. 032005 ◽

Cited By ~ 1

Author(s):

Dongxin Guo ◽

Kaiyan Chen ◽

Xiaoyang Hu ◽

Yanhai Wei ◽

Jianlong Li

Keyword(s):

Machine Learning ◽

Learning Algorithms ◽

Machine Learning Algorithms ◽

Side Channel ◽

Side Channel Attacks

Download Full-text

Comparison study of machine learning classifiers to detect anomalies

International Journal of Electrical and Computer Engineering (IJECE) ◽

10.11591/ijece.v10i5.pp5445-5452 ◽

2020 ◽

Vol 10 (5) ◽

pp. 5445

Author(s):

Nisha P Shetty ◽

Jayashree Shetty ◽

Rohil Narula ◽

Kushagra Tandona

Keyword(s):

Machine Learning ◽

Real Time ◽

Credit Card ◽

Sensitive Information ◽

Comparison Study ◽

Intrusion Prevention ◽

Detection Techniques ◽

Machine Learning Classifiers ◽

Learning Classifiers ◽

Real Time Detection

In this era of Internet ensuring the confidentiality, authentication and integrity of any resource exchanged over the net is the imperative. Presence of intrusion prevention techniques like strong password, firewalls etc. are not sufficient to monitor such voluminous network traffic as they can be breached easily. Existing signature based detection techniques like antivirus only offers protection against known attacks whose signatures are stored in the database.Thus, the need for real-time detection of aberrations is observed. Existing signature based detection techniques like antivirus only offers protection against known attacks whose signatures are stored in the database. Machine learning classifiers are implemented here to learn how the values of various fields like source bytes, destination bytes etc. in a network packet decides if the packet is compromised or not . Finally the accuracy of their detection is compared to choose the best suited classifier for this purpose. The outcome thus produced may be useful to offer real time detection while exchanging sensitive information such as credit card details.

Download Full-text

Detection of DDoS Attacks in OpenStack-based Private Cloud Using Apache Spark

Journal of Telecommunications and Information Technology ◽

10.26636/jtit.2020.146120 ◽

2020 ◽

Vol 4 ◽

pp. 62-71

Author(s):

Shweta Gumaste ◽

Narayan D. G. ◽

Sumedha Shinde ◽

Amit K

Keyword(s):

Machine Learning ◽

Real Time ◽

Service Providers ◽

Distributed Processing ◽

Denial Of Service ◽

Machine Learning Algorithms ◽

Apache Spark ◽

Ddos Attacks ◽

Ddos Detection ◽

Real Time Detection

Security is a critical concern for cloud service providers. Distributed denial of service (DDoS) attacks are the most frequent of all cloud security threats, and the consequences of damage caused by DDoS are very serious. Thus, the design of an efficient DDoS detection system plays an important role in monitoring suspicious activity in the cloud. Real-time detection mechanisms operating in cloud environments and relying on machine learning algorithms and distributed processing are an important research issue. In this work, we propose a real-time detection of DDoS attacks using machine learning classifiers on a distributed processing platform. We evaluate the DDoS detection mechanism in an OpenStack-based cloud testbed using the Apache Spark framework. We compare the classification performance using benchmark and real-time cloud datasets. Results of the experiments reveal that the random forest method offers better classifier accuracy. Furthermore, we demonstrate the effectiveness of the proposed distributed approach in terms of training and detection time.

Download Full-text

An IoT-Focused Intrusion Detection System Approach Based on Preprocessing Characterization for Cybersecurity Datasets

Sensors ◽

10.3390/s21020656 ◽

2021 ◽

Vol 21 (2) ◽

pp. 656

Author(s):

Xavier Larriva-Novo ◽

Víctor A. Villagrá ◽

Mario Vega-Barbas ◽

Diego Rivera ◽

Mario Sanz Rodrigo

Keyword(s):

Machine Learning ◽

Intrusion Detection ◽

High Performance ◽

Learning Algorithm ◽

Detection System ◽

Machine Learning Algorithms ◽

Statistical Characteristics ◽

Detection Techniques ◽

Traffic Characteristics ◽

Benchmark Datasets

Security in IoT networks is currently mandatory, due to the high amount of data that has to be handled. These systems are vulnerable to several cybersecurity attacks, which are increasing in number and sophistication. Due to this reason, new intrusion detection techniques have to be developed, being as accurate as possible for these scenarios. Intrusion detection systems based on machine learning algorithms have already shown a high performance in terms of accuracy. This research proposes the study and evaluation of several preprocessing techniques based on traffic categorization for a machine learning neural network algorithm. This research uses for its evaluation two benchmark datasets, namely UGR16 and the UNSW-NB15, and one of the most used datasets, KDD99. The preprocessing techniques were evaluated in accordance with scalar and normalization functions. All of these preprocessing models were applied through different sets of characteristics based on a categorization composed by four groups of features: basic connection features, content characteristics, statistical characteristics and finally, a group which is composed by traffic-based features and connection direction-based traffic characteristics. The objective of this research is to evaluate this categorization by using various data preprocessing techniques to obtain the most accurate model. Our proposal shows that, by applying the categorization of network traffic and several preprocessing techniques, the accuracy can be enhanced by up to 45%. The preprocessing of a specific group of characteristics allows for greater accuracy, allowing the machine learning algorithm to correctly classify these parameters related to possible attacks.

Download Full-text