Abstract
Computer and network security is an ever important field of study as information processed by these systems is of ever increasing value. The state of research on direct attacks, such as exploiting memory safety or shell input errors is well established and a rich set of testing tools are available for these types of attacks. Machine-learning based intrusion detection systems are also available and are commonly deployed in production environments. What is missing, however, is the consideration of implicit information flows, or side-channels . Research has revealed side-channels formed by everything from CPU acoustic noise, to encrypted network traffic patterns, to computer monitor ambient light. Furthermore, no portable method exists for distributing side-channel test cases. This paper introduces a framework for adversary modeling and feedback generation on what the adversary may learn from the various side-channel information sources. The framework operates by monitoring two data streams; the first being the stream of side-channel cues, and the second being the stream of private system activity. These streams are used for training and evaluating a machine learning classifier to determine its performance of private system activity prediction. A prototype has been built to evaluate side-channel effects on four popular scenarios.
Highlights
Good software development practice teaches the fundamental rule that software security should be integrated into the complete development cycle of the software system and should not be an afterthought, a final step or a layer isolated from all other system concerns
FRAMEWORK DESIGN In order to facilitate the detection of side-channel information leaks in applications, we propose a layered set of functional components which allow for the creation of side-channel test scenarios
WORK In this paper, we have discussed the problem of side-channels in software systems and have proposed, as a core research contribution, a framework for side-channel detection
Summary
Good software development practice teaches the fundamental rule that software security should be integrated into the complete development cycle of the software system and should not be an afterthought, a final step or a layer isolated from all other system concerns. When developing a REST based API that interacts with a SQL database it is well known that the API developer should thoroughly examine how data passed over the HTTP calls ends up in the SQL query strings in order to prevent a SQL injection attack To aid in this process, tools are available such as sqlmap [1] which can automatically test code for SQL injection vulnerabilities. Due to the issues of complicated security requirements, hardware-specific issues and unforeseen future use-cases, the problem of verifying a software package for absence of sidechannel vulnerabilities continues to be a difficult task For this reason, we propose and implement a data-driven monitoring framework, which monitors software system activity, observable hardware/software behaviours, and security model properties.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
