Title: Software Profiling via Electromagnetic Side-Channel Signal
Alireza Nazari
School of Computer Science
College of Computing
Georgia Institute of Technology
Date: Monday, December 2nd, 2019
Time: 9:00 - 11:00 AM (EST)
Location: Klaus 2100
Committee:
Dr. Milos Prvulovic (Advisor), School of Computer Science, Georgia Institute of Technology
Dr. Alenka Zajic (Co-advisor), School of Computer Science, Georgia Institute of Technology
Dr. Alessandro Orso, School of Computer Science, Georgia Institute of Technology
Dr. Moinuddin Qureshi, School of Electrical and Computer Engineering, Georgia Institute of Technology
Dr. Tushar Krishna, School of Electrical and Computer Engineering, Georgia Institute of Technology
Abstract:
This thesis develops general methods to exploit information leaked in Electromagnetic (EM) emanations for profiling software applications. A broad range of computing devices and software applications can benefit from these methods. Computers radiate EM emanations when voltage and current flows change as a result of software program activity. EM emanations can be intercepted and analyzed to extract information about the corresponding computation. Traditionally, the EM side channel has been leveraged to gather critical information about cryptographic algorithms. This information is used by cryptography researchers to extract secret cryptographic keys from computing devices as the devices perform encryption operations. The design and implementation of this analysis is usually done ad hoc, for a specific implementation of a cryptographic algorithm on a particular machine.
The wide range of information that can be gathered from EM emanation signals suggests that they are useful for more purposes than cryptographic analysis. Moreover, there are two major benefits in using these signals. First, they can be received remotely, and no contact with the device is needed. This especially benefits embedded devices where access to the device is not easy or even possible. Second, the EM signal can be received and processed on a physically separate machine. This also benefits real-time and cyber-physical devices, which have very limited computation and memory resources. Until now, only a few bodies of work have tried to explore the complex relationship between EM emanations, the underlying architecture and the software application.
It is viable to use EM emanations as a tool for profiling applications and inferring various levels of information from them. This information may span from detailed statistics of an event in the underlying machine to timing information about the software program's code at a coarse granularity. However, profiling this information requires a general approach that can be automatically applied to diverse programs and machines. Toward this goal, this thesis has developed (1) a new approach for profiling software programs that leverages the unintentional EM side channel and allows highly accurate profiling of loops and other repetitive activity, without perturbing the profiled system, (2) a new method for anomaly detection in program execution that monitors an application's repetitive behavior, (3) an external memory profiler that infers last-level cache misses from the EM side-channel signal, and (4) a technique that extends the other proposed methods to multi-core systems by blind separation of EM emanation sources.