• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

计算机工程与科学 ›› 2024, Vol. 46 ›› Issue (03): 440-452.

• 计算机网络与信息安全 • 上一篇    下一篇

结合决策树和AdaBoost的缓存侧信道攻击检测

李扬1,2,尹大鹏1,马自强1,2,姚梓豪1,2,魏良根1,2   

  1. (1.宁夏大学信息工程学院,宁夏 银川 750021;2.宁夏大数据与人工智能省部共建协同创新中心,宁夏 银川 750021)
  • 收稿日期:2023-07-14 修回日期:2023-09-12 接受日期:2024-03-25 出版日期:2024-03-25 发布日期:2024-03-15
  • 基金资助:
    宁夏回族自治区重点研发计划(2021BEB04047,2022BDE03008);宁夏自然科学基金(2021AAC030781)

Cache side-channel attack detection combining decision tree and AdaBoost

LI Yang1,2,YIN Da-peng1,MA Zi-qiang 1,2,YAO Zi-hao1,2,WEI Liang-gen1,2   

  1. (1.School of Information Engineering,Ningxia University,Yinchuan 750021;
    2.Collaborative Innovation Center for Ningxia Big Data and Artificial Intelligence 
    Co-founded by Ningxia Municipality and Ministry of Education,Yinchuan 750021,China)
  • Received:2023-07-14 Revised:2023-09-12 Accepted:2024-03-25 Online:2024-03-25 Published:2024-03-15

摘要: 缓存侧信道攻击严重威胁各类系统的安全,对攻击进行检测可以有效阻断攻击。为此,提出了一种基于决策树和AdaBoost的AD检测模型,通过匹配系统硬件事件信息特征,快速有效地识别缓存侧信道攻击。首先,分析缓存侧信道攻击特点,提取攻击硬件事件特征模式。其次,利用决策树的快速响应能力,同时结合AdaBoost对数据样本进行加权迭代,对采集的不同负载下的特征数据进行模型训练,优化检测模型在不同负载时的整体检测精度。实验结果表明,该模型在不同系统负载条件下的检测精度均不低于98.8%,能够快速准确地检测出缓存侧信道攻击。

关键词: 系统安全, 缓存侧信道攻击, 机器学习, 检测方法

Abstract: Cache side-channel attacks pose a serious threat to the security of various systems, and detecting the attacks can effectively block the attacks. Therefore, an AD detection model based on decision tree and AdaBoost is proposed to quickly and effectively identify cache side-channel attacks by matching system hardware event information features. Firstly, the characteristics of cache side-channel attacks are analyzed, and attack hardware event feature patterns are extracted. Secondly, the decision tree's rapid response capability is utilized, combined with AdaBoost's weighted iterative learning of data samples, to train the model on different load conditions. The model is optimized to improve the overall detection accuracy under different loads. Experimental results show that the detection accuracy of this model under different system load conditions is not less than 98.8%, and it can quickly and accurately detect cache side-channel attacks.

Key words: system security, cache side-channel attack, machine learning, detection method