Profit: Detecting and Quantifying Side Channels in Networked Applications

Rosner, Nicolás; Kadron, Ismet Burak; Bang, Lucas; Bultan, Tevfik

doi:10.14722/ndss.2019.23536

Cited by 14 publications

(19 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Each output feature can be affected by any part of the input-including those that are related to the secret of interest, and those that are not. Prior work [14,15,40,47] requires the user to provide the full input suite before the analysis begins. Thus, the user must sample the input space in some way that covers all its dimensions adequately.…”

Section: Motivation and Overviewmentioning

confidence: 99%

“…Assume that a software system, use case, and secret of interest are selected by the user. We reuse the following definitions from the system model in [40]. The input domain I is the set of all valid inputs for the use case.…”

Section: System Modelmentioning

confidence: 99%

“…There has been prior work on quantifying leakage in network traces in particular [40,47] and in program traces in general [14,15]. However, all of them rely on manually generated input suites and do not address the problem of the quality of the input suite.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Feedback-driven side-channel analysis for networked applications

Kadron

Rosner

Bultan

2020

Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis

Self Cite

View full text Add to dashboard Cite

Information leakage in software systems is a problem of growing importance. Networked applications can leak sensitive information even when they use encryption. For example, some characteristics of network packets, such as their size, timing and direction, are visible even for encrypted traffic. Patterns in these characteristics can be leveraged as side channels to extract information about secret values accessed by the application. In this paper, we present a new tool called AutoFeed for detecting and quantifying information leakage due to side channels in networked software applications. AutoFeed profiles the target system and automatically explores the input space, explores the space of output features that may leak information, quantifies the information leakage, and identifies the top-leaking features. Given a set of input mutators and a small number of initial inputs provided by the user, AutoFeed iteratively mutates inputs and periodically updates its leakage estimations to identify the features that leak the greatest amount of information about the secret of interest. AutoFeed uses a feedback loop for incremental profiling, and a stopping criterion that terminates the analysis when the leakage estimation for the top-leaking features converges. AutoFeed also automatically assigns weights to mutators in order to focus the search of the input space on exploring dimensions that are relevant to the leakage quantification. Our experimental evaluation on the benchmarks shows that AutoFeed is effective in detecting and quantifying information leaks in networked applications. CCS CONCEPTS • Security and privacy → Software and application security; Web application security.

show abstract

Section: Motivation and Overviewmentioning

confidence: 99%

Section: System Modelmentioning

confidence: 99%

See 1 more Smart Citation

Feedback-driven side-channel analysis for networked applications

Kadron

Rosner

Bultan

2020

Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis

Self Cite

View full text Add to dashboard Cite

show abstract

“…Potential side channels include those in execution time, memory usage, size and timings of network packets, and power consumption. Although side-channel vulnerabilities due to hardware (such as vulnerabilities that exploit the cache behavior) have been extensively studied [1, 2, 10, 13, 15-17, 19, 23], software side channels have only recently become an active area of research, including recent results on software side-channel detection [4,8,11,12,18,22,24] and quantification [5,20,21], and Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored.…”

Section: Side Channels In Softwarementioning

confidence: 99%

Detection and mitigation of JIT-induced side channels

Brennan

2020

Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Companion Proceedings

View full text Add to dashboard Cite

“…The works [23,50] Dynamic Analysis for Side-Channel Detections. Dynamic analysis has been used for side-channel detections [38,41,42]. Diffuzz [41] is a fuzzing techniques for finding side channels.…”

Section: Related Workmentioning

confidence: 99%

Efficient Detection and Quantification of Timing Leaks with Neural Networks

Tizpaz-Niari

Černý

Sankaranarayanan

et al. 2019

Runtime Verification

View full text Add to dashboard Cite

Detection and quantification of information leaks through timing side channels are important to guarantee confidentiality. Although static analysis remains the prevalent approach for detecting timing side channels, it is computationally challenging for real-world applications. In addition, the detection techniques are usually restricted to "yes" or "no" answers. In practice, real-world applications may need to leak information about the secret. Therefore, quantification techniques are necessary to evaluate the resulting threats of information leaks. Since both problems are very difficult or impossible for static analysis techniques, we propose a dynamic analysis method. Our novel approach is to split the problem into two tasks. First, we learn a timing model of the program as a neural network. Second, we analyze the neural network to quantify information leaks. As demonstrated in our experiments, both of these tasks are feasible in practice -making the approach a significant improvement over the state-of-the-art side channel detectors and quantifiers. Our key technical contributions are (a) a neural network architecture that enables side channel discovery and (b) an MILP-based algorithm to estimate the side-channel strength. On a set of micro-benchmarks and real-world applications, we show that neural network models learn timing behaviors of programs with thousands of methods. We also show that neural networks with thousands of neurons can be efficiently analyzed to detect and quantify information leaks through timing side channels.

show abstract

Profit: Detecting and Quantifying Side Channels in Networked Applications

Cited by 14 publications

References 35 publications

Feedback-driven side-channel analysis for networked applications

Feedback-driven side-channel analysis for networked applications

Detection and mitigation of JIT-induced side channels

Efficient Detection and Quantification of Timing Leaks with Neural Networks

Contact Info

Product

Resources

About