DeepAI AI Chat
Log In Sign Up

Data-Driven Debugging for Functional Side Channels

by   Saeid Tizpaz-Niari, et al.

Functional side channels arise when an attacker knows that the secret value of a server stays fixed for a certain time, and can observe the server executes on a sequence of different public inputs, each paired with the same secret input. Thus for each secret, the attackers observe a (partial) function from public values to (for instance) running time, and they can compare these functions for different secrets. First, we define a notion of noninterference for functional side channels. We focus on the case of noisy observations, where we demonstrate on examples that there is a practical functional side channel in programs that would be deemed information-leak-free using the standard definition. Second, we develop a framework and techniques for debugging programs for functional side channels. We adapt existing results and algorithms in functional data analysis (such as functional clustering) to discover the existence of side channels. We use a functional extension of standard decision tree learning to pinpoint the code fragments causing a side channel if there is one. Finally, we empirically evaluate the performance of our tool Fuschia on a series of micro-benchmarks, as well as on realistic Java programs with thousands of methods. Fuschia is able to discover (and locate in the code) functional side channels, including one that was since fixed by the original developers.


page 1

page 2

page 3

page 4


Differential Performance Debugging with Discriminant Regression Trees

Differential performance debugging is a technique to find performance pr...

Quantitative Mitigation of Timing Side Channels

Timing side channels pose a significant threat to the security and priva...

Constantine: Automatic Side-Channel Resistance Using Efficient Control and Data Flow Linearization

In the era of microarchitectural side channels, vendors scramble to depl...

DifFuzz: Differential Fuzzing for Side-Channel Analysis

Side-channel attacks allow an adversary to uncover secret program data b...

Recurrence Extraction for Functional Programs through Call-by-Push-Value (Extended Version)

The main way of analyzing the complexity of a program is that of extract...

On the Convergence of the Polarization Process in the Noisiness/Weak-∗ Topology

Let W be a channel where the input alphabet is endowed with an Abelian g...

Clustering of functional boxplots for multiple streaming time series

In this paper we introduce a micro-clustering strategy for Functional Bo...