Methods and Systems for Side Channel Analysis Detection and Protection
First Claim
1. A method of detecting side channel attacks in a computing device, comprising:
- monitoring an activity of the computing device;
generating a behavior vector based on the monitored activity; and
applying the generated behavior vector to a classifier model to determine whether a side channel attack is underway.
1 Assignment
0 Petitions
Accused Products
Abstract
A computing device may use machine learning techniques to determine whether a side channel attack is underway and perform obfuscation operations (e.g., operations to raise the noise floor) or other similar operations to stop or prevent a detected side channel attack. The computing device may determine that a side channel attack is underway in response to determining that the computing device is in airplane mode, that the battery of the computing device the battery has been replaced with a stable DC power supply, that the touch-screen display of the computing device has been disconnected, that there are continuous calls to a cipher application programming interface (API) using the same cipher key, that there has been tampering with a behavioral analysis engine of the computing device, or any combination thereof.
-
Citations
28 Claims
-
1. A method of detecting side channel attacks in a computing device, comprising:
-
monitoring an activity of the computing device; generating a behavior vector based on the monitored activity; and applying the generated behavior vector to a classifier model to determine whether a side channel attack is underway. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computing device, comprising:
-
means for monitoring an activity of the computing device; means for generating a behavior vector based on the monitored activity; and means for applying the generated behavior vector to a classifier model to determine whether a side channel attack is underway. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computing device, comprising:
a processor configured with processor-executable instructions to perform operations further comprising; monitoring an activity of the computing device; generating a behavior vector based on the monitored activity; and applying the generated behavior vector to a classifier model to determine whether a side channel attack is underway. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
22. A non-transitory computer readable storage medium having stored thereon processor-executable software instructions configured to cause a processor of a computing device to perform operations for detecting side channel attacks, the operations comprising:
-
monitoring an activity of the computing device; generating a behavior vector based on the monitored activity; and applying the generated behavior vector to a classifier model to determine whether a side channel attack is underway. - View Dependent Claims (23, 24, 25, 26, 27, 28)
-
Specification