Logo Logo
Hilfe
Hilfe
Switch Language to English

Gupta, Pritha ORCID logoORCID: https://orcid.org/0000-0002-7277-4633; Ramaswamy, Arunselvan ORCID logoORCID: https://orcid.org/0000-0001-7547-8111; Drees, Jan Peter ORCID logoORCID: https://orcid.org/0000-0002-7982-9908; Hüllermeier, Eyke ORCID logoORCID: https://orcid.org/0000-0002-9944-4108; Priesterjahn, Claudia ORCID logoORCID: https://orcid.org/0000-0001-7236-9411 und Jager, Tibor ORCID logoORCID: https://orcid.org/0000-0002-3205-7699 (Februar 2022): Automated Information Leakage Detection: A New Method Combining Machine Learning and Hypothesis Testing with an Application to Side-channel Detection in Cryptographic Protocols. 14th International Conference on Agents and Artificial Intelligence (ICAART 2022), Virtual, February 3-5. In: Proceedings of the 14th International Conference on Agents and Artificial Intelligence, Bd. 2 S. 152-163

Volltext auf 'Open Access LMU' nicht verfügbar.

Abstract

Due to the proliferation of a large amount of publicly available data, information leakage (IL) has become a major problem. IL occurs when secret (sensitive) information of a system is inadvertently disclosed to unauthorized parties through externally observable information. Standard statistical approaches estimate the mutual information between observable (input) and secret information (output), which tends to be a difficult problem for high-dimensional input. Current approaches based on (supervised) machine learning using the accuracy of predictive models on extracted system input and output have proven to be more effective in detecting these leakages. However, these approaches are domain-specific and fail to account for imbalance in the dataset. In this paper, we present a robust autonomous approach to detecting IL, which blends machine learning and statistical techniques, to overcome these shortcomings. We propose to use Fisher’s Exact Test (FET) on the evaluated confusion matrix , which inherently takes the imbalances in the dataset into account. As a use case, we consider the problem of detecting padding side-channels or ILs in systems implementing cryptographic protocols. In an extensive experimental study on detecting ILs in synthetic and real-world scenarios, our approach outperforms the state of the art.

Dokument bearbeiten Dokument bearbeiten