AI Chat Paper
Note: Please note that the following content is generated by AMiner AI. SciOpen does not take any responsibility related to this content.
{{lang === 'zh_CN' ? '文章概述' : 'Summary'}}
{{lang === 'en_US' ? '中' : 'Eng'}}
Chat more with AI
PDF (970.3 KB)
Collect
Submit Manuscript AI Chat Paper
Show Outline
Outline
Show full outline
Hide outline
Outline
Show full outline
Hide outline
Open Access

SPIDER: Speeding up Side-Channel Vulnerability Detection via Test Suite Reduction

Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China
Show Author Information

Abstract

Side-channel attacks allow adversaries to infer sensitive information, such as cryptographic keys or private user data, by monitoring unintentional information leaks of running programs. Prior side-channel detection methods can identify numerous potential vulnerabilities in cryptographic implementations with a small amount of execution traces due to the high diffusion of secret inputs in crypto primitives. However, because non-cryptographic programs cover different paths under various sensitive inputs, extending existing tools for identifying information leaks to non-cryptographic applications suffers from either insufficient path coverage or redundant testing. To address these limitations, we propose a new dynamic analysis framework named SPIDER that uses fuzzing, execution profiling, and clustering for a high path coverage and test suite reduction, and then speeds up the dynamic analysis of side-channel vulnerability detection in non-cryptographic programs. We analyze eight non-cryptographic programs and ten cryptographic algorithms under SPIDER in a fully automated way, and our results confirm the effectiveness of test suite reduction and the vulnerability detection accuracy of the whole framework.

References

【1】
【1】
 
 
Tsinghua Science and Technology
Pages 47-58

{{item.num}}

Comments on this article

Go to comment

< Back to all reports

Review Status: {{reviewData.commendedNum}} Commended , {{reviewData.revisionRequiredNum}} Revision Required , {{reviewData.notCommendedNum}} Not Commended Under Peer Review

Review Comment

Close
Close
Cite this article:
Yan F, Wu R, Zhang L, et al. SPIDER: Speeding up Side-Channel Vulnerability Detection via Test Suite Reduction. Tsinghua Science and Technology, 2023, 28(1): 47-58. https://doi.org/10.26599/TST.2021.9010078

1821

Views

144

Downloads

3

Crossref

3

Web of Science

4

Scopus

0

CSCD

Received: 01 October 2021
Accepted: 13 October 2021
Published: 21 July 2022
© The author(s) 2023.

The articles published in this open access journal are distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/).