This project aims to develop deep-learning-based non-profiling side channel attack platform that performs comprehensive and inexpensive security evaluation for IoT devices. This approach is extensible to all devices, as direct access and profiling of the devices are not required. The outcomes would provide hardware-based security assurance to support widespread deployment of IoT-based smart sensor for smart nation and smart manufacturing.
This project developed a security evaluation platform suitable for IoT devices, based on “black box” evaluation and using deep learning (DL) based Side Channel Attack (SCA) model to provide comprehensive vulnerabilities checks on the security features (such as AES) that is integrated in the embedded SoC.
The DL-SCA model derived from this work utilized Extreme Learning Machine (ELM) to evaluate the side channel vulnerabilities by processing only the electromagnetic (EM) and power emission from the device. The model is able to break higher order masked AES on ARM microcontroller using only <15% of the data required in the conventional SCA methodology. Compared to other DL-SCA models, the model achieved 70% and 60% data reduction compared Multilayer Perceptron (MLP) and Convolution Neural Network (CNN) approaches. The ELM model can be trained 15x and 30x faster than MLP and CNN respectively.
Furthermore, unlike most of the existing DL SCA models, the developed DL-SCA model promotes nonprofiling attack, which is extensible to all devices without the need of cloned devices or labelled training dataset. Thus it can be an alternative means to provide early stage security assurance/assessment for IoT devices. Full security certification for SoC could cost more than ~$300K to $500K per service. Therefore, incorporating the evaluation model in the development phase can ensure the security quality of the end product and also ease the certification process without incurring excessive expenses.