Go to DBLP homepageCSCAD: An Adaptive LightGBM Algorithm to Detect Cache Side-Channel Attacks
Abstract: Cache side-channel attacks have become more sophisticated and more destructive to the security of computer architectures and cloud platforms than ever before, resulting in the leakage of privacy information. Prior efforts focused on designing countermeasures instead of timely detection. To address the challenges introduced by cache side-channel attacks, anomaly detection and feature detection were proposed. However, these methods have drawbacks in terms of computational performance and detection effectiveness. In this article, we proposed Cache Side-Channel Attack Detector(CSCAD), a novel tool for detecting cache side-channel attacks against memory events in real time. Specifically, we design a collector using Hardware Performance Counters and use improved Maximum Information Coefficient to generate feature vectors. Meanwhile, an adaptive genetic algorithm with crossover and mutation probability is proposed to optimize hyperparameters of LightGBM. Additionally, an adaptive loss function weight model with low overhead is introduced to enhance efficiency of attack detection. It is encouraging to see that CSCAD achieved a recall of 98.14%. In detecting 1000 samples, it boosted the detection speed by approximately 75% compared to conventional machine learning methods. CSCAD has outperformed the state-of-the-art methods by simultaneously achieving excellent detection speed and effectiveness.
Loading