Automated Information Leakage Detection: A New Method Combining Machine Learning and Hypothesis Testing with an Application to Side-channel Detection in Cryptographic Protocols
Pritha Gupta, Arunselvan Ramaswamy, Jan Drees, Eyke Hüllermeier, Claudia Priesterjahn, Tibor Jager
2022
Abstract
Due to the proliferation of a large amount of publicly available data, information leakage (IL) has become a major problem. IL occurs when secret (sensitive) information of a system is inadvertently disclosed to unauthorized parties through externally observable information. Standard statistical approaches estimate the mutual information between observable (input) and secret information (output), which tends to be a difficult problem for high-dimensional input. Current approaches based on (supervised) machine learning using the accuracy of predictive models on extracted system input and output have proven to be more effective in detecting these leakages. However, these approaches are domain-specific and fail to account for imbalance in the dataset. In this paper, we present a robust autonomous approach to detecting IL, which blends machine learning and statistical techniques, to overcome these shortcomings. We propose to use Fisher’s Exact Test (FET) on the evaluated confusion matrix, which inherently takes the imbalances in the dataset into account. As a use case, we consider the problem of detecting padding side-channels or ILs in systems implementing cryptographic protocols. In an extensive experimental study on detecting ILs in synthetic and real-world scenarios, our approach outperforms the state of the art.
DownloadPaper Citation
in Harvard Style
Gupta P., Ramaswamy A., Drees J., Hüllermeier E., Priesterjahn C. and Jager T. (2022). Automated Information Leakage Detection: A New Method Combining Machine Learning and Hypothesis Testing with an Application to Side-channel Detection in Cryptographic Protocols. In Proceedings of the 14th International Conference on Agents and Artificial Intelligence - Volume 2: ICAART, ISBN 978-989-758-547-0, pages 152-163. DOI: 10.5220/0010793000003116
in Bibtex Style
@conference{icaart22,
author={Pritha Gupta and Arunselvan Ramaswamy and Jan Drees and Eyke Hüllermeier and Claudia Priesterjahn and Tibor Jager},
title={Automated Information Leakage Detection: A New Method Combining Machine Learning and Hypothesis Testing with an Application to Side-channel Detection in Cryptographic Protocols},
booktitle={Proceedings of the 14th International Conference on Agents and Artificial Intelligence - Volume 2: ICAART,},
year={2022},
pages={152-163},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010793000003116},
isbn={978-989-758-547-0},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 14th International Conference on Agents and Artificial Intelligence - Volume 2: ICAART,
TI - Automated Information Leakage Detection: A New Method Combining Machine Learning and Hypothesis Testing with an Application to Side-channel Detection in Cryptographic Protocols
SN - 978-989-758-547-0
AU - Gupta P.
AU - Ramaswamy A.
AU - Drees J.
AU - Hüllermeier E.
AU - Priesterjahn C.
AU - Jager T.
PY - 2022
SP - 152
EP - 163
DO - 10.5220/0010793000003116