Your search keyword '"Picek, Stjepan"' showing total 11 results

1. Towards Private Deep Learning-Based Side-Channel Analysis Using Homomorphic Encryption : Opportunities and Limitations

Author

Schmid, Fabian, Mukherjee, Shibam, Picek, Stjepan, Stöttinger, Marc, De Santis, Fabrizio, Rechberger, Christian, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Wacquez, Romain, editor, and Homma, Naofumi, editor

Published

2024

2. No (good) loss no gain: systematic evaluation of loss functions in deep learning-based side-channel analysis

Author

Kerkhof, Maikel, Wu, Lichao, Perin, Guilherme, and Picek, Stjepan

Published

2023

3. Unveiling the Threat: Investigating Distributed and Centralized Backdoor Attacks in Federated Graph Neural Networks.

Author

Xu, Jing, Koffas, Stefanos, and Picek, Stjepan

Subjects

GRAPH neural networks, FEDERATED learning, EVIDENCE gaps, DEEP learning

Abstract

Graph neural networks (GNNs) have gained significant popularity as powerful deep learning methods for processing graph data. However, centralized GNNs face challenges in data-sensitive scenarios due to privacy concerns and regulatory restrictions. Federated learning has emerged as a promising technology that enables collaborative training of a shared global model while preserving privacy. Although federated learning has been applied to train GNNs, no research focuses on the robustness of Federated GNNs against backdoor attacks. This article bridges this research gap by investigating two types of backdoor attacks in Federated GNNs: centralized backdoor attack (CBA) and distributed backdoor attack (DBA). Through extensive experiments, we demonstrate that DBA exhibits a higher success rate than CBA across various scenarios. To further explore the characteristics of these backdoor attacks in Federated GNNs, we evaluate their performance under different scenarios, including varying numbers of clients, trigger sizes, poisoning intensities, and trigger densities. Additionally, we explore the resilience of DBA and CBA against two defense mechanisms. Our findings reveal that both defenses cannot eliminate DBA and CBA without affecting the original task. This highlights the necessity of developing tailored defenses to mitigate the novel threat of backdoor attacks in Federated GNNs. [ABSTRACT FROM AUTHOR]

Published

2024

4. Systematic Side-Channel Analysis of Curve25519 with Machine Learning

Author

Weissbart, Léo, Chmielewski, Łukasz, Picek, Stjepan, and Batina, Lejla

Published

2020

5. SoK: Deep Learning-based Physical Side-channel Analysis.

Author

PICEK, STJEPAN, PERIN, GUILHERME, MARIOT, LUCA, LICHAO WU, and BATINA, LEJLA

Subjects

*DEEP learning, *SECURITY management

Abstract

Side-channel attacks represent a realistic and serious threat to the security of embedded devices for already almost three decades. A variety of attacks and targets they can be applied to have been introduced, and while the area of side-channel attacks and their mitigation is very well-researched, it is yet to be consolidated. Deep learning-based side-channel attacks entered the field in recent years with the promise of more competitive performance and enlarged attackers’ capabilities compared to other techniques. At the same time, the new attacks bring new challenges and complexities to the domain, making the systematization of knowledge (SoK) even more critical. We first dissect deep learning-based side-channel attacks according to the different phases they can be used in and map those phases to the efforts conducted so far in the domain. For each phase, we identify the weaknesses and challenges that triggered the known open problems.We also connect the attacks to the threat models and evaluate their advantages and drawbacks. Finally, we provide a number of recommendations to be followed in deep learning-based side-channel attacks. [ABSTRACT FROM AUTHOR]

Published

2023

6. Tipping the Balance: Imbalanced Classes in Deep Learning Side-channel Analysis

Author

Picek, Stjepan, Heuser, Annelie, Jović, Alan, Bhasin, Shivam, and Regazzoni, Francesco

Subjects

training, measurement, machine learning algorithms, prediction algorithms, deep learning, support vector machines, ciphers

Abstract

Machine learning, and more recently, deep learning, have become a standard option for profiling side-channel analysis (SCA) to evaluate the worst-case security. Machine learning-based SCA has advantages over previous approaches like the template attack [1], especially in practical settings where the number of training traces is limited. The advantages of deep learning-based approaches are even more pronounced as such techniques can break protected implementations without feature selection and by using relatively small models (neural networks), [2]. However, the use of popular device leakage models brings in the issue of imbalanced datasets. For instance, Hamming weight or distance model follows a binomial distribution resulting in significantly more training samples in central classes. Further, evaluating the performance of machine learning- based SCA with standard machine learning metrics like accuracy can be misleading. Unfortunately, this problem is not trivial to circumvent by “just” using the SCA metrics as the training process with them is difficult.

Published

2023

7. Resolving the Doubts: On the Construction and Use of ResNets for Side-Channel Analysis.

Author

Karayalcin, Sengim, Perin, Guilherme, and Picek, Stjepan

Subjects

CONVOLUTIONAL neural networks, DEEP learning, REINFORCEMENT learning, SCIENTIFIC community

Abstract

The deep learning-based side-channel analysis gave some of the most prominent side-channel attacks against protected targets in the past few years. To this end, the research community's focus has been on creating the following: (1) powerful multilayer perceptron or convolutional neural network architectures and (2) (if possible) minimal multilayer perceptron or convolutional neural network architectures. Currently, we see that, computationally intensive hyperparameter tuning methods (e.g., Bayesian optimization or reinforcement learning) provide the best results. However, as targets with more complex countermeasures become available, these minimal architectures may be insufficient, and we will require novel deep learning approaches.This work explores how residual neural networks (ResNets) perform in side-channel analysis and how to construct deeper ResNets capable of working with larger input sizes and requiring minimal tuning. The resulting architectures, obtained by following our guidelines, are significantly deeper than commonly seen in side-channel analysis, require minimal hyperparameter tuning for specific datasets, and offer competitive performance with state-of-the-art methods across several datasets. Additionally, the results indicate that ResNets work especially well when the number of profiling traces and features in a trace is large. [ABSTRACT FROM AUTHOR]

Published

2023

8. The Need for Speed: A Fast Guessing Entropy Calculation for Deep Learning-Based SCA.

Author

Perin, Guilherme, Wu, Lichao, and Picek, Stjepan

Subjects

DEEP learning, ARTIFICIAL neural networks, ENTROPY, FEATURE selection, OPTIMAL stopping (Mathematical statistics), LEAK detection, COGNITIVE processing speed

Abstract

The adoption of deep neural networks for profiling side-channel attacks opened new perspectives for leakage detection. Recent publications showed that cryptographic implementations featuring different countermeasures could be broken without feature selection or trace preprocessing. This success comes with a high price: an extensive hyperparameter search to find optimal deep learning models. As deep learning models usually suffer from overfitting due to their high fitting capacity, it is crucial to avoid over-training regimes, which require a correct number of epochs. For that, early stopping is employed as an efficient regularization method that requires a consistent validation metric. Although guessing entropy is a highly informative metric for profiling side-channel attacks, it is time-consuming, especially if computed for all epochs during training, and the number of validation traces is significantly large. This paper shows that guessing entropy can be efficiently computed during training by reducing the number of validation traces without affecting the efficiency of early stopping decisions. Our solution significantly speeds up the process, impacting the performance of the hyperparameter search and overall profiling attack. Our fast guessing entropy calculation is up to 16× faster, resulting in more hyperparameter tuning experiments and allowing security evaluators to find more efficient deep learning models. [ABSTRACT FROM AUTHOR]

Published

2023

9. Reinforcement Learning-Based Design of Side-Channel Countermeasures

Author

Rijsdijk, Jorai, Wu, L., Perin, G., Batina, Lejla, Picek, Stjepan, and Mondal, Mainack

Subjects

Countermeasures, Side-channel analysis, Reinforcement learning, Deep learning

Abstract

Deep learning-based side-channel attacks are capable of breaking targets protected with countermeasures. The constant progress in the last few years makes the attacks more powerful, requiring fewer traces to break a target. Unfortunately, to protect against such attacks, we still rely solely on methods developed to protect against generic attacks. The works considering the protection perspective are few and usually based on the adversarial examples concepts, which are not always easy to translate to real-world hardware implementations. In this work, we ask whether we can develop combinations of countermeasures that protect against side-channel attacks. We consider several widely adopted hiding countermeasures and use the reinforcement learning paradigm to design specific countermeasures that show resilience against deep learning-based side-channel attacks. Our results show that it is possible to significantly enhance the target resilience to a point where deep learning-based attacks cannot obtain secret information. At the same time, we consider the cost of implementing such countermeasures to balance security and implementation costs. The optimal countermeasure combinations can serve as development guidelines for real-world hardware/software-based protection schemes.

Published

2022

10. On the Importance of Pooling Layer Tuning for Profiling Side-Channel Analysis

Author

Wu, L., Perin, G., Zhou, Jianying, Ahmed, Chuadhry Mujeeb, Batina, Lejla, Chattopadhyay, Sudipta, Gadyatskaya, Olga, Jin, Chenglu, Lin, Jingqiang, Losiouk, Eleonora, Luo, Bo, Majumdar, Suryadipta, Maniatakos, Mihalis, Mashima, Daisuke, Meng, Weizhi, Picek, Stjepan, Shimaoka, Masaki, Su, Chunhua, and Wang, Cong

Subjects

Profiling (computer programming), Pooling, Artificial neural network, Computer science, business.industry, Side-channel analysis, Deep learning, Dimensionality reduction, computer.software_genre, Convolutional neural network, Convolutional neural networks, Data mining, Side channel attack, Artificial intelligence, business, computer, TRACE (psycholinguistics)

Abstract

In recent years, the advent of deep neural networks opened new perspectives for security evaluations with side-channel analysis. Profiling attacks now benefit from capabilities offered by convolutional neural networks, such as dimensionality reduction and the inherent ability to reduce the trace desynchronization effects. These neural networks contain at least three types of layers: convolutional, pooling, and dense layers. Although the definition of pooling layers causes a large impact on neural network performance, a study on pooling hyperparameters effect on side-channel analysis is still not provided in the academic community. This paper provides extensive experimental results to demonstrate how pooling layer types and pooling stride and size affect the profiling attack performance with convolutional neural networks. Additionally, we demonstrate that pooling hyperparameters can be larger than usually used in related works and still keep good performance for profiling attacks on specific datasets.

Published

2021

11. Learning From A Big Brother - Mimicking Neural Networks in Profiled Side-channel Analysis.

Author

van der Valk, Daan, Krcek, Marina, Picek, Stjepan, and Bhasin, Shivam

Subjects

DEEP learning, CONVOLUTIONAL neural networks, ARTIFICIAL neural networks, COMPUTER algorithms, DATA analysis

Abstract

Recently, deep learning has emerged as a powerful technique for side-channel attacks, capable of even breaking common countermeasures. Still, trained models are generally large, and thus, performing evaluation becomes resource-intensive. The resource requirements increase in realistic settings where traces can be noisy, and countermeasures are active. In this work, we exploit mimicking to compress the learned models. We demonstrate up to 300 times compression of a state-of-the-art CNN. The mimic shallow network can also achieve much better accuracy as compared to when trained on original data and even reach the performance of a deeper network. [ABSTRACT FROM AUTHOR]

Published

2020