Hybrid Deep Learning Model for Multiple Cache Side Channel Attacks Detection: A Comparative Analysis
Tejal Joshi, Aarya Kawalay, Anvi Jamkhande, Amit Joshi
TL;DR
This paper addresses the detection of cache side-channel attacks, focusing on fingerprinting CSCA via HPC-based time-series traces. It proposes a hybrid CNN-LSTM model that combines 1D CNNs for spatial feature extraction with LSTMs for temporal pattern modeling, and benchmarks it against five other deep-learning architectures (MLP, CNN, RNN, GRU, LSTM). The hybrid model achieves superior detection performance across PRIME+PROBE and FLUSH+RELOAD attacks on AES and RSA victims, with up to 99.96% accuracy and very low FP/FN, demonstrating robustness to evolving attack patterns. The work advances CSCA defense by providing a comprehensive comparative analysis and showing that integrating spatial and temporal modeling yields significant performance gains with implications for securing cloud and end-user environments.
Abstract
Cache side channel attacks are a sophisticated and persistent threat that exploit vulnerabilities in modern processors to extract sensitive information. These attacks leverage weaknesses in shared computational resources, particularly the last level cache, to infer patterns in data access and execution flows, often bypassing traditional security defenses. Such attacks are especially dangerous as they can be executed remotely without requiring physical access to the victim's device. This study focuses on a specific class of these threats: fingerprinting attacks, where an adversary monitors and analyzes the behavior of co-located processes via cache side channels. This can potentially reveal confidential information, such as encryption keys or user activity patterns. A comprehensive threat model illustrates how attackers sharing computational resources with target systems exploit these side channels to compromise sensitive data. To mitigate such risks, a hybrid deep learning model is proposed for detecting cache side channel attacks. Its performance is compared with five widely used deep learning models: Multi-Layer Perceptron, Convolutional Neural Network, Simple Recurrent Neural Network, Long Short-Term Memory, and Gated Recurrent Unit. The experimental results demonstrate that the hybrid model achieves a detection rate of up to 99.96%. These findings highlight the limitations of existing models, the need for enhanced defensive mechanisms, and directions for future research to secure sensitive data against evolving side channel threats.