Research Article

Detection of Time-Driven Cache Attacks on the AES Algorithm Using Machine Learning

Year 2020, Volume: 13 Issue: 1, 57 - 68, 13.04.2020

Abstract

Side-channel attacks use indirect information about the cryptographic operations on the targeted system, referred to as side-channel information or information leakage. This information makes the attacks highly effective against the system. In this study, a time-driven cache attack that uses timing information as the primary and cache information as the secondary side-channel information is examined. The AES algorithm was chosen as the target for carrying out the time-driven side-channel attack. The time-driven side-channel attack performed recovers the secret key of the last round of the AES algorithm. Machine learning and deep learning models were used to extract information from the secondary channels in order to identify the weak points of the system. Using tree models on the timing profiles generated during the attack, the most important side-channel information of the attack was evaluated. Decision Tree, Random Forest, Gradient Boosting Model and Extreme Gradient Boosting algorithms were chosen as the tree-based models because they are highly sensitive to the data-processing task. The analysis results show that "mean cycle" information is effective in time-driven cache attacks. Furthermore, the Extreme Gradient Boosting algorithm gave better results. In addition, the timing information obtained during the attack was used for the purpose of attack detection. Deep learning methods were observed to be quite successful at detecting the attack.

Supporting Institution

İstanbul Teknik Üniversitesi

Project Number

MAP-2017-40642

Thanks

This work was supported by İstanbul Teknik Üniversitesi within the scope of BAP project number MAP-2017-40642. We offer our thanks.

References

  • [1] Daemen, J., & Rijmen, V. (2013). The design of Rijndael: AES - the Advanced Encryption Standard. Springer Science & Business Media.
  • [2] Chen, T., & Guestrin, C. (2016, August). XGBoost: A scalable tree boosting system. In Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (pp. 785-794). ACM.
  • [3] Mangal, A., & Kumar, N. (2016, December). Using big data to enhance the Bosch production line performance: A Kaggle challenge. In 2016 IEEE International Conference on Big Data (Big Data) (pp. 2029-2035). IEEE.
  • [4] Zhou, Z. H., & Feng, J. (2017). Deep Forest. arXiv preprint arXiv:1702.08835.
  • [5] Breiman, L. (2001). Random forests. Machine Learning, 45(1), 5-32.
  • [6] Geurts, P., Ernst, D., & Wehenkel, L. (2006). Extremely randomized trees. Machine Learning, 63(1), 3-42.
  • [7] Friedman, J. H. (2001). Greedy function approximation: a gradient boosting machine. Annals of Statistics, 1189-1232.
  • [8] Freund, Y., & Schapire, R. E. (1997). A decision-theoretic generalization of on-line learning and an application to boosting. Journal of Computer and System Sciences, 55(1), 119-139.
  • [9] Friedman, J., Hastie, T., & Tibshirani, R. (2000). Additive logistic regression: a statistical view of boosting (with discussion and a rejoinder by the authors). The Annals of Statistics, 28(2), 337-407.
  • [10] Natekin, A., & Knoll, A. (2013). Gradient boosting machines, a tutorial. Frontiers in Neurorobotics, 7, 21.
  • [11] Page, D. (2002). Theoretical use of cache memory as a cryptanalytic side-channel. IACR Cryptology ePrint Archive, 2002(169).
  • [12] Patterson, D. A., & Hennessy, J. L. (2013). Computer Organization and Design, MIPS Edition: The Hardware/Software Interface. Newnes.
  • [13] Canteaut, A., Lauradoux, C., & Seznec, A. (2006). Understanding cache attacks.
  • [14] Younis, Y., Kifayat, K., & Merabti, M. (2014, October). Cache side-channel attacks in cloud computing. In International Conference on Cloud Security Management (ICCSM) (p. 138).
  • [15] Koç, Ç. K. (2009). About cryptographic engineering. In Cryptographic Engineering (pp. 1-4). Springer, Boston, MA.
  • [16] Acıiçmez, O., Schindler, W., & Koç, Ç. K. (2007, February). Cache based remote timing attack on the AES. In Cryptographers' Track at the RSA Conference (pp. 271-286). Springer, Berlin, Heidelberg.
  • [17] Acıiçmez, O., Brumley, B. B., & Grabher, P. (2010, August). New results on instruction cache attacks. In International Workshop on Cryptographic Hardware and Embedded Systems (pp. 110-124). Springer, Berlin, Heidelberg.
  • [18] Acıiçmez, O., & Koç, Ç. K. (2006). Trace-driven cache attacks on AES.
  • [19] Neve, M., & Seifert, J. P. (2006, August). Advances on access-driven cache attacks on AES. In International Workshop on Selected Areas in Cryptography (pp. 147-162). Springer, Berlin, Heidelberg.
  • [20] Tsunoo, Y., Saito, T., Suzaki, T., Shigeri, M., & Miyauchi, H. (2003, September). Cryptanalysis of DES implemented on computers with cache. In International Workshop on Cryptographic Hardware and Embedded Systems (pp. 62-76). Springer, Berlin, Heidelberg.
  • [21] Tsunoo, Y., Tsujihara, E., Shigeri, M., Kubo, H., & Minematsu, K. (2006). Improving cache attacks by considering cipher structure. International Journal of Information Security, 5(3), 166-176.
  • [22] Bernstein, D. J. (2005). Cache-timing attacks on AES.
  • [23] Atici, A. C., Yilmaz, C., & Savas, E. (2016). Remote cache-timing attack without learning phase. IACR Cryptology ePrint Archive, 2016, 2.
  • [24] Neve, M. (2006). Cache-based Vulnerabilities and SPAM Analysis. Doctoral thesis, UCL.
  • [25] Spreitzer, R., & Gérard, B. (2014, June). Towards more practical time-driven cache attacks. In IFIP International Workshop on Information Security Theory and Practice (pp. 24-39). Springer, Berlin, Heidelberg.
  • [26] Palczewska, A., Palczewski, J., Robinson, R. M., & Neagu, D. (2014). Interpreting random forest classification models using a feature contribution method. In Integration of Reusable Systems (pp. 193-218). Springer, Cham.
  • [27] Molnar, C. (2018). Interpretable Machine Learning: A Guide for Making Black Box Models Explainable. E-book at https://christophm.github.io/interpretable-ml-book/.
  • [28] Pal, M. (2005). Random forest classifier for remote sensing classification. International Journal of Remote Sensing, 26(1), 217-222.
  • [29] Buduma, N., & Locascio, N. (2017). Fundamentals of Deep Learning: Designing Next-Generation Machine Intelligence Algorithms. O'Reilly Media, Inc.
There are 30 citations in total.

Details

Primary Language Turkish
Subjects Engineering
Journal Section Articles (Research)
Authors

Burcu Sönmez Sarıkaya 0000-0002-5385-9949

Project Number MAP-2017-40642
Publication Date April 13, 2020
Published in Issue Year 2020 Volume: 13 Issue: 1

Cite

APA Sönmez Sarıkaya, B. (2020). AES Algoritmasına Yapılan Zaman Odaklı Önbellek Saldırılarının Makine Öğrenmesi ile Tespiti. Türkiye Bilişim Vakfı Bilgisayar Bilimleri Ve Mühendisliği Dergisi, 13(1), 57-68.
AMA Sönmez Sarıkaya B. AES Algoritmasına Yapılan Zaman Odaklı Önbellek Saldırılarının Makine Öğrenmesi ile Tespiti. TBV-BBMD. April 2020;13(1):57-68.
Chicago Sönmez Sarıkaya, Burcu. “AES Algoritmasına Yapılan Zaman Odaklı Önbellek Saldırılarının Makine Öğrenmesi Ile Tespiti”. Türkiye Bilişim Vakfı Bilgisayar Bilimleri Ve Mühendisliği Dergisi 13, no. 1 (April 2020): 57-68.
EndNote Sönmez Sarıkaya B (April 1, 2020) AES Algoritmasına Yapılan Zaman Odaklı Önbellek Saldırılarının Makine Öğrenmesi ile Tespiti. Türkiye Bilişim Vakfı Bilgisayar Bilimleri ve Mühendisliği Dergisi 13 1 57–68.
IEEE B. Sönmez Sarıkaya, “AES Algoritmasına Yapılan Zaman Odaklı Önbellek Saldırılarının Makine Öğrenmesi ile Tespiti”, TBV-BBMD, vol. 13, no. 1, pp. 57–68, 2020.
ISNAD Sönmez Sarıkaya, Burcu. “AES Algoritmasına Yapılan Zaman Odaklı Önbellek Saldırılarının Makine Öğrenmesi Ile Tespiti”. Türkiye Bilişim Vakfı Bilgisayar Bilimleri ve Mühendisliği Dergisi 13/1 (April 2020), 57-68.
JAMA Sönmez Sarıkaya B. AES Algoritmasına Yapılan Zaman Odaklı Önbellek Saldırılarının Makine Öğrenmesi ile Tespiti. TBV-BBMD. 2020;13:57–68.
MLA Sönmez Sarıkaya, Burcu. “AES Algoritmasına Yapılan Zaman Odaklı Önbellek Saldırılarının Makine Öğrenmesi Ile Tespiti”. Türkiye Bilişim Vakfı Bilgisayar Bilimleri Ve Mühendisliği Dergisi, vol. 13, no. 1, 2020, pp. 57-68.
Vancouver Sönmez Sarıkaya B. AES Algoritmasına Yapılan Zaman Odaklı Önbellek Saldırılarının Makine Öğrenmesi ile Tespiti. TBV-BBMD. 2020;13(1):57-68.

Article Acceptance


The acceptance process of the articles sent to the journal consists of the following stages:

1. Each submitted article is sent to at least two referees at the first stage.

2. Referee assignments are made by the journal editors. There are approximately 200 referees in the journal's referee pool, and these referees are classified according to their areas of interest. Each referee is sent an article on a subject they are interested in. Referees are selected in a way that does not cause any conflict of interest.

3. In the articles sent to the referees, the names of the authors are withheld.

4. Referees are told how to evaluate an article and are asked to fill in the evaluation form shown below.

5. Articles for which two referees give a positive opinion are subjected to a similarity review by the editors. The similarity in the articles is expected to be less than 25%.

6. A paper that has passed all stages is reviewed by the editor in terms of language and presentation, and necessary corrections and improvements are made. If necessary, the authors are notified of the situation.

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.