基于序列密码的强PUF抗机器学习攻击方法

物理不可克隆函数(Physical Unclonable Function,PUF)在信息安全领域具有极其重要的应用前景,然而也存在其自身安全受机器学习攻击等方面的不足.该文通过对PUF电路和密码算法的研究,提出一种基于序列密码的强PUF抗机器学习攻击方法.首先,通过构造滚动密钥生成器产生随机密钥,并与输入激励进行混淆;然后,将混淆后的激励通过串并转换电路作用于强PUF,产生输出响应;最后,利用Python软件仿真和FPGA硬件实现,并分析其安全性和统计特性.实验结果表明,当建模所用激励响应对(Challenge Response Pairs,CRPs)高达106组时,基于逻辑回归、人工神经网络和支持向量机的攻击预测率接近50％的理想值.此外,该方法通用性强、硬件开销小,且不影响PUF的随机性、唯一性以及可靠性.     

基于序列密码的强PUF抗机器学习攻击方法

物理不可克隆函数(Physical Unclonable Function, PUF)在信息安全领域具有极其重要的应用前景,然而也存在其自身安全受机器学习攻击等方面的不足。该文通过对PUF电路和密码算法的研究,提出一种基于序列密码的强PUF抗机器学习攻击方法。首先,通过构造滚动密钥生成器产生随机密钥,并与输入激励进行混淆;然后,将混淆后的激励通过串并转换电路作用于强PUF,产生输出响应;最后,利用Python软件仿真和FPGA硬件实现,并分析其安全性和统计特性。实验结果表明,当建模所用激励响应对(Challenge Response Pairs, CRPs)高达106组时,基于逻辑回归、人工神经网络和支持向量机的攻击预测率接近50%的理想值。此外,该方法通用性强、硬件开销小,且不影响PUF的随机性、唯一性以及可靠性。     

侧信道攻击方法综述

侧信道攻击主要通过采集密码算法在运行过程中所产生的时间、功耗、电磁等“侧信息”,对这些信息泄露进行分析运算从而破解密钥。文章首先分类总结了常见的侧信道攻击方法,其次以RSA公钥密码算法为例,从攻击目标、攻击步骤、攻击手段等方面阐述了其基于模幂运算的计时攻击原理,最后在此基础上分析总结了抗侧信道攻击的防护策略,并给出了一些安全建议。通过以上分类总结,举例验证,为接下来的侧信道攻击研究提供有价值的参考。     

基于阻变存储器的物理不可克隆函数设计

物理不可克隆函数(PUF)将集成电路制造过程中产生的工艺变化作为一种安全原语,已被广泛应用于硬件安全领域,特别是身份认证和密钥存储。提出了一种基于阻变存储器(RRAM)阵列的PUF优化设计,采用2T2R差分存储结构,并利用阵列中RRAM单元的阻值变化产生PUF的随机性,以实现更高安全级别所需的大量激励-响应对(CRP)。RRAM PUF的存储单元基于28 nm工艺实现,其面积仅为0.125μm²,相比传统PUF存储单元面积开销减小,在入侵和侧信道攻击方面具有更好的鲁棒性。实验数据表明,RRAM PUF唯一性达到了约49.78%,片内汉明距离为0%,一致性良好,具有较好的随机性。     

密码产品的侧信道分析与评估

作为一类重要的信息安全产品,密码产品中所使用的密码技术保障了信息的保密性、完整性和不可抵赖性。而侧信道攻击是针对密码产品的一类重要的安全威胁,它主要利用了密码算法运算过程中侧信息(如时间、功耗等)的泄露,通过分析侧信息与秘密信息的依赖关系进行攻击。对密码产品的抗侧信道攻击能力进行评估已成为密码测评的重要内容。该文从攻击性测试、通用评估以及形式化验证3个角度介绍了目前密码产品抗侧信道评估的发展情况。其中攻击性测试是目前密码侧信道测评所采用的最主要的评估方式,它通过执行具体的攻击流程来恢复密钥等秘密信息。后两种方式不以恢复秘密信息等为目的,而是侧重于评估密码实现是否存在侧信息泄露。与攻击性测试相比,它们无需评估人员深入了解具体的攻击流程和实现细节,因此通用性更强。通用评估是以统计测试、信息熵计算等方式去刻画信息泄露的程度,如目前被广泛采用的测试向量泄露评估(TVLA)技术。利用形式化方法对侧信道防护策略有效性进行评估是一个新的发展方向,其优势是可以自动化/半自动化地评估密码实现是否存在侧信道攻击弱点。该文介绍了目前针对软件掩码、硬件掩码、故障防护等不同防护策略的形式化验证最新成果,主要包括基于程序验证、类型推导及模型计数等不同方法。     

扩展的代数侧信道攻击及其应用

Renauld等人提出的代数侧信道攻击是将代数攻击和侧信道攻击结合起来的一种对分组密码的攻击方法.目前的研究主要针对算法的8-bit实现平台,对于更大的如64-bit实现平台,未见文献讨论.为此,本文提出一种扩展的代数侧信道攻击,直接将侧信道信息表示为密钥的显式函数.相比于通常的代数侧信道攻击,所需泄露信息更少.作为应用,给出了对LBlock轻量级分组密码的扩展的代数侧信道攻击,结果如下:对于64-bit平台实现的LBlock,假设其1-3轮输出的Hamming重量可以准确获得,则利用35个已知明文,便可建立关于LBlock 80-bit主密钥的非线性方程组;在普通的PC机上,利用Magma数学软件v2.12-16求Groebner基,1分钟内可以求得80-bit主密钥.这是对LBlock的首个代数侧信道攻击,同时说明Renauld等人给出的对代数侧信道攻击的其中一个防范方法:"将实现方法从8-bit平台转移到更大的设备"是不够的.     

机器学习在信道建模中的应用综述

信道建模是设计无线通信系统的基础,传统的信道建模方法无法自动学习特定类型信道的规律,特别是在针对特殊应用场景,如物联网、毫米波通信、车联网等,存在一定的局限性.此外,机器学习具有有效处理大数据、创建模型的能力,基于此,探讨了机器学习如何与信道建模进行有机融合,分别从信道多径分簇、参数估计、模型的构造及信道的场景识别展开...     

机器学习在无线信道建模中的应用现状与展望

为了适应未来6G通信系统的超宽频谱、超大规模天线阵列、高度异构化以及众多新型应用场景,信道建模成为新系统开发必不可少的技术基础.由于6G通信系统将具有典型的大数据特征,基于机器学习的数据驱动型无线信道建模方法已经将成为未来信道模型开发的重要手段.综合分析机器学习在无线信道建模中的应用现状,主要包括确定性信道模型的射线追...     

基于人工神经网络特征向量提取的FF-APUF攻击方法

为评估物理不可克隆函数(PUF)的安全性,需针对不同的PUF结构设计相应的攻击方法.该文通过对强PUF电路结构和工作机理的研究,利用人工神经网络(ANN)提出一种针对触发器-仲裁器物理不可克隆函数(FF-APUF)的有效攻击方法.首先,根据FF-APUF电路结构,利用多维数组构建电路延时模型;然后,对FF-APUF的二进制激励进行邻位划分,将划分后的激励转换为十进制并表示为行向量,实现特征向量提取;最后,基于提取的特征向量利用ANN构建攻击模型并通过后向传播算法获得最优参数.实验结果表明,相同条件下攻击预测率均高于其他3种常用的机器学习方法,尤其当激励响应对(CRP)数量较少、激励位数较多时,优势更加明显.当激励位数为128、CRP个数为100和500时,平均攻击预测率分别提高36.0％和16.1％.此外,该方法具有良好的鲁棒性和可扩展性,不同噪声系数下攻击预测率与可靠性相差最大仅0.32％.     

基于深度学习的侧信道攻击：进展与问题

深度学习的兴起,促进了侧信道攻击技术的发展。相比于传统的侧信道攻击方法,基于深度学习的侧信道攻击具有攻击准确率高、效果好、能克服典型防护技术等优势,对密码设备的安全性构成了严重的威胁,但也存在着一些亟待解决的问题。文章从基于深度学习侧信道攻击技术的基本原理入手,介绍了攻击的具体流程,接着分析了基于深度学习侧信道攻击中面临的问题并给出了相应的解决方案,最后对全文进行了总结。     

A novel current controlled configurable RO PUF with improved security metrics

Physical Unclonable Functions (PUFs) are promising hardware security primitives which produce unique signatures. Out of several delay based PUF circuits, Configurable Ring Oscillator (CRO) PUF has got higher uniqueness and it is resilient against modelling attacks. In this paper, we present a novel Current controlled CRO (C-CRO) PUF in which inverters of RO uses different logic styles: static CMOS and Feedthrough logic (FTL). Use of different logic styles facilitates improvement of security metrics of PUF. The analysis of security metrics of the proposed architecture is carried out in 90 nm CMOS technology shows, using FTL logic leads to better security metrics. Proposed C-CRO PUF is also both power and area efficient. Further, in order to measure the vulnerability of proposed PUF, machine learning attack is carried out and the result shows FTL RO based C-CRO PUF is highly resilient to machine learning attack because of its non-linearity property.     

Recent advances in deep learning‐based side‐channel analysis

As side‐channel analysis and machine learning algorithms share the same objective of classifying data, numerous studies have been proposed for adapting machine learning to side‐channel analysis. However, a drawback of machine learning algorithms is that their performance depends on human engineering. Therefore, recent studies in the field focus on exploiting deep learning algorithms, which can extract features automatically from data. In this study, we survey recent advances in deep learning‐based side‐channel analysis. In particular, we outline how deep learning is applied to side‐channel analysis, based on deep learning architectures and application methods. Furthermore, we describe its properties when using different architectures and application methods. Finally, we discuss our perspective on future research directions in this field.     

基于亚阈值电流阵列的低成本物理不可克隆电路设计

物理不可克隆函数(PUF)能够提取出集成电路在加工过程中的工艺误差并将其转化为安全认证的密钥。由于常用于资源及功耗都受限的场合,实用化的PUF电路需要极高的硬件利用效率及较强的抗攻击性能。该文提出一种基于亚阈值电流阵列放电方案的低成本PUF电路设计方案。亚阈值电流阵列的电流具有极高的非线性特点,通过引入栅控开关和交叉耦合的结构,能够显著提升PUF电路的唯一性和稳定性。此外,通过引入亚阈值电流的设计可以极大地提高PUF的安全性,降低传统攻击手段的建模攻击。为了提升芯片的资源利用率,通过详细紧凑的版图设计和优化,该文提出的PUF单元面积仅为377.4 μm2,使得其特别适合物联网等低功耗低成本应用场景。仿真结果表明,该文所提亚阈值电路放电阵列PUF具有良好的唯一性和稳定性,无需校准电路的标准温度电压下唯一性为48.85%;在温度范围–20～80°C,电压变动范围为0.9～1.3V情况下,其可靠性达到了99.47%。     

基于人工神经网络特征向量提取的FF-APUF攻击方法

为评估物理不可克隆函数(PUF)的安全性,需针对不同的PUF结构设计相应的攻击方法。该文通过对强PUF电路结构和工作机理的研究,利用人工神经网络(ANN)提出一种针对触发器-仲裁器物理不可克隆函数(FF-APUF)的有效攻击方法。首先,根据FF-APUF电路结构,利用多维数组构建电路延时模型;然后,对FF-APUF的二进制激励进行邻位划分,将划分后的激励转换为十进制并表示为行向量,实现特征向量提取;最后,基于提取的特征向量利用ANN构建攻击模型并通过后向传播算法获得最优参数。实验结果表明,相同条件下攻击预测率均高于其他3种常用的机器学习方法,尤其当激励响应对(CRP)数量较少、激励位数较多时,优势更加明显。当激励位数为128、CRP个数为100和500时,平均攻击预测率分别提高36.0%和16.1%。此外,该方法具有良好的鲁棒性和可扩展性,不同噪声系数下攻击预测率与可靠性相差最大仅0.32%。     

A survey on attack vectors in stack cache memory

Over past few decades, various ways have been conducted through side channel attacks to steal information for a computer system. Unlike conventional hardware-based methods, i.e. power-based side channel, side channel on micro-architecture does not require any physical access to the devices under interest. Instead, only compromised programs need to be co-located on the same machine as the victim. For some other scenarios, malicious users can form side channel information leveraging the timing of program execution. In this survey, we are presenting a comprehensive taxonomy of attack vectors in stack cache memory modules, which mostly are the points of attack by side channel. Due to the significance of side channel attacks, the challenges and overheads of these attack vectors are described through the course of this study. We discuss what side channel attacks are, how they are used, and how they can be prevented through the use of obfuscation techniques. To accomplish this, we introduce the findings of a number of relevant works. These include successful attacks on systems using novel variations of side channel attacks and preventative measures against the attacks.     

Utility analysis and evaluation method study of side channel information

In order to improve the efficiency and success rate of the side channel attack, the utility of side channel information of the attack object must be analyzed and evaluated before the attack implementation. Based on the study of side-channel attack techniques, a method is proposed in this paper to analyze and evaluate the utility of side channel information and the evaluation indexes of comentropy Signal-to-Noise Ratio （SNR） are introduced. On this basis, the side channel information （power and electromagnetic） of a side channel attack experiment board is analyzed and evaluated, and the Data Encryption Standard （DES） cipher algorithm is attacked with the differential power attack method and differential electromagnetic attack method. The attack results show the effectiveness of the analysis and evaluation method proposed in this paper.     

DDoS attack detection and defense based on hybrid deep learning model in SDN

Software defined network (SDN) is a new kind of network technology,and the security problems are the hot topics in SDN field,such as SDN control channel security,forged service deployment and external distributed denial of service (DDoS) attacks.Aiming at DDoS attack problem of security in SDN,a DDoS attack detection method called DCNN-DSAE based on deep learning hybrid model in SDN was proposed.In this method,when a deep learning model was constructed,the input feature included 21 different types of fields extracted from the data plane and 5 extra self-designed features of distinguishing flow types.The experimental results show that the method has high accuracy,it’s better than the traditional support vector machine (SVM) and deep neural network (DNN) and other machine learning methods.At the same time,the proposed method can also shorten the processing time of classification detection.The detection model is deployed in SDN controller,and the new security policy is sent to the OpenFlow switch to achieve the defense against specific DDoS attack.     

抗侧信道攻击的服务功能链部署方法

侧信道攻击是当前云计算环境下多租户间信息泄露的主要途径,针对现有服务功能链(SFC)部署方法未充分考虑多租户环境下虚拟网络功能(VNF)面临的侧信道攻击问题,该文提出一种抗侧信道攻击的服务功能链部署方法。引入基于时间均值的租户分类策略以及结合历史信息的部署策略,在满足服务功能链资源约束条件下,以最小化租户所能覆盖的服务器数量为目标建立相应的优化模型,并设计了基于贪婪选择的部署算法。实验结果表明,与其他部署方法相比,该方法显著提高了恶意租户实现共存的难度与代价,降低了租户面临的侧信道攻击风险。     

Supervised learning‐based DDoS attacks detection: Tuning hyperparameters

Two supervised learning algorithms, a basic neural network and a long short‐term memory recurrent neural network, are applied to traffic including DDoS attacks. The joint effects of preprocessing methods and hyperparameters for machine learning on performance are investigated. Values representing attack characteristics are extracted from datasets and preprocessed by two methods. Binary classification and two optimizers are used. Some hyperparameters are obtained exhaustively for fast and accurate detection, while others are fixed with constants to account for performance and data characteristics. An experiment is performed via TensorFlow on three traffic datasets. Three scenarios are considered to investigate the effects of learning former traffic on sequential traffic analysis and the effects of learning one dataset on application to another dataset, and determine whether the algorithms can be used for recent attack traffic. Experimental results show that the used preprocessing methods, neural network architectures and hyperparameters, and the optimizers are appropriate for DDoS attack detection. The obtained results provide a criterion for the detection accuracy of attacks.