Abstract
The article discusses the monitoring system being developed by authors for the detection of Side-Channel Attacks, SCA. The theoretical justification of the chosen method of detecting SCA attacks is given: analysis of hardware events of the target system. The architecture of the monitoring system is described, including low-level data collection processes and an expert system that analyzes the collected data. The results of the proof-of-concept on various classes of SCA-attacks are presented. The paper considers a class of attacks on side-channels that use the processor cache to obtain secret information. A method of countering attacks of this class based on the use of a hardware event mechanism is proposed. As a result of the analysis of existing hardware events, predicates have been built for the Intel architecture, allowing one to identify the suspicious behavior of programs in the Linux OS environment. To test the proposed method, a prototype monitoring system was implemented that successfully coped with the detection of simulated SCA-attacks. The advantages and disadvantages of this method are considered, and the direction of further research is indicated.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.