Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/145789
Full metadata record
DC FieldValueLanguage
dc.contributor.authorFell, Alexanderen_US
dc.contributor.authorPham, Hung Thinhen_US
dc.contributor.authorLam, Siew-Keien_US
dc.date.accessioned2021-01-08T01:46:36Z-
dc.date.available2021-01-08T01:46:36Z-
dc.date.issued2019-
dc.identifier.citationFell, A., Pham, H. T., & Lam, S.-K. (2019). TAD : time side-channel attack defense of obfuscated source code. Proceedings of the 24th Asia and South Pacific Design Automation Conference, 58-63. doi:10.1145/3287624.3287694en_US
dc.identifier.isbn9781450360074-
dc.identifier.urihttps://hdl.handle.net/10356/145789-
dc.description.abstractProgram obfuscation is widely used to protect commercial software against reverse-engineering. However, an adversary can still download, disassemble and analyze binaries of the obfuscated code executed on an embedded System-on-Chip (SoC), and by correlating execution times to input values, extract secret information from the program. In this paper, we show (1) the impact of widely-used obfuscation methods on timing leakage, and (2) that well-known software countermeasures to reduce timing leakage of programs, are not always effective for low-noise environments found in embedded systems. We propose two methods for mitigating timing leakage in obfuscated codes. The first is a compiler driven method, called TAD, which removes conditional branches with distinguishable execution times for an input program. In the second method (TADCI), TAD is combined with dynamic hardware diversity by replacing primitive instructions with Custom Instructions (CIs) that exhibit non-deterministic execution times at runtime. Experimental results on the RISC-V platform show that the information leakage is reduced by 92% and 82% when TADCI is applied to the original and obfuscated source code, respectively.en_US
dc.description.sponsorshipNational Research Foundation (NRF)en_US
dc.language.isoenen_US
dc.relationNRF2016NCR-NCR001-006en_US
dc.rights© 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. The published version is available at: https://doi.org/10.1145/3287624.3287694en_US
dc.subjectEngineering::Computer science and engineeringen_US
dc.titleTAD : time side-channel attack defense of obfuscated source codeen_US
dc.typeConference Paperen
dc.contributor.schoolSchool of Computer Science and Engineeringen_US
dc.contributor.conference24th Asia and South Pacific Design Automation Conferenceen_US
dc.contributor.researchCYSRENen_US
dc.identifier.doi10.1145/3287624.3287694-
dc.description.versionAccepted versionen_US
dc.identifier.spage58en_US
dc.identifier.epage63en_US
dc.subject.keywordsSecurityen_US
dc.subject.keywordsSoftware Obfuscationen_US
dc.description.acknowledgementThe research described in this paper has been supported by the National Research Foundation, Singapore under grant number NRF2016NCR-NCR001-006.en_US
item.fulltextWith Fulltext-
item.grantfulltextopen-
Appears in Collections:SCSE Conference Papers
Files in This Item:
File Description SizeFormat 
2019 Fell - TAD Time Side-Channel Attack Defense of Obfuscated Source Code.pdf693.25 kBAdobe PDFThumbnail
View/Open

SCOPUSTM   
Citations 50

8
Updated on Mar 28, 2024

Web of ScienceTM
Citations 20

6
Updated on Oct 30, 2023

Page view(s)

382
Updated on Mar 28, 2024

Download(s) 20

204
Updated on Mar 28, 2024

Google ScholarTM

Check

Altmetric


Plumx

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.