Please use this identifier to cite or link to this item: http://hdl.handle.net/1942/31476
Title: Practical Operation Extraction from Electromagnetic Leakage for Side-Channel Analysis and Reverse Engineering
Authors: ROBYNS, Pieter 
DI MARTINO, Mariano 
Giese, Dennis
LAMOTTE, Wim 
QUAX, Peter 
Noubir, Guevara
Issue Date: 2020
Publisher: Association for Computing Machinery
Source: WiSec '20: Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, Association for Computing Machinery, p. 161-172
Abstract: Determining which operations are being executed by a black-box device is an important challenge to tackle in reverse engineering. Furthermore, in order to perform a successful side-channel analysis (SCA) of said operations, their precise timing must be determined. In this paper, we tackle these two challenges in the context of an electromagnetic (EM) analysis of a NodeMCU Amica IoT device. More specifically, we propose a convolutional neural network (CNN) architecture that is designed to classify operations performed by the NodeMCU out of a set of 8 possible operations, namely OpenSSL AES, native AES, TinyAES, OpenSSL DES, SHA1-PRF, HMAC-SHA1, SHA1, and SHA1Transform. In addition, we use the same architecture to predict the start and end times of the operation, thereby removing the need for firmware modifications or manual triggers in SCA. Our approach is evaluated using a 66 GB dataset containing 69,632 complex traces of EM leakage, captured with a USRP B210 software defined radio. The best variant of our methodology achieves a classification accuracy of 96.47%, and is able to predict the start and end times of the operation within 34 μs of the ground truth on average. We compare our methodology to classical template matching, and provide our open-source implementation and datasets to the community so that the achieved results can be reproduced. CCS CONCEPTS • Security and privacy → Hardware reverse engineering; Cryptanalysis and other attacks; • Computing methodologies → Neural networks.
Keywords: electromagnetic leakage; side channels; privacy; reverse engineering; Wi-Fi; Internet of Things; neural networks; fingerprinting
Document URI: http://hdl.handle.net/1942/31476
ISBN: 9781450380065
DOI: 10.1145/3395351.3399362
Rights: Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org. WiSec ’20, July 8–10, 2020, Linz (Virtual Event), Austria © 2020 Copyright held by the owner/author(s). Publication rights licensed to ACM
Category: C1
Type: Proceedings Paper
Validations: vabb 2023
Appears in Collections: Research publications

Files in This Item:
File: wisec20-147.pdf (Restricted Access)
Description: Published version
Size: 7.8 MB
Format: Adobe PDF

Page view(s): 98 (checked on Sep 7, 2022)
Download(s): 26 (checked on Sep 7, 2022)

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.