A Cross-Platform Cache Timing Attack Framework via Deep Learning

Ruyi Ding (1,a), Ziyue Zhang (2,e), Xiang Zhang (1,b), Cheng Gongye (1,c), Yunsi Fei (1,d) and Aidong A. Ding (2,f)
(1) Department of Electrical and Computer Engineering
(a) ding.ruy@northesatern.edu
(b) zhang.xiang1@northesatern.edu
(c) gongye.c@northesatern.edu
(d) y.fei@northesatern.edu
(2) Department of Mathematics, Northeastern University, Boston, MA, USA
(e) zhang.ziyue@northesatern.edu
(f) a.ding@northesatern.edu

ABSTRACT


While deep learning methods have been adopted in power side-channel analysis, they have not been applied to cache timing attacks due to the limited dimension of cache timing data. This paper proposes a persistent cache monitor based on cache line flushing instructions, which runs concurrently to a victim execution and captures detailed memory access patterns in high-dimensional timing traces. We discover a new cache timing side-channel across both inclusive and non-inclusive caches, different from the traditional "Flush+Flush" timing leakage. We then propose a non-profiling differential deep learning analysis strategy to exploit the cache timing traces for key recovery. We further propose a framework for cross-platform cache timing attack via deep learning. Knowledge learned from profiling a common reference device can be transferred to build models to attack many other victim devices, even in different processor families. We take the OpenSSL AES-128 encryption algorithm as an example victim and deploy an asynchronous cache attack. We target three different devices from Intel, AMD, and ARM processors. We examine various scenarios for assigning the teacher role to one device and the student role to other devices, and evaluate the cross-platform deep-learning attack framework. Experimental results show that this new attack is easily extendable to victim devices and is more effective than attacks without any prior knowledge.

Keywords: Side-Channel Attacks, Deep Learning, Computer Architecture.


