Research Artifact of USENIX Security 2022 Paper: Automated Side Channel Analysis of Media Software with Manifold Learning

Overview

Manifold-SCA

Research Artifact of USENIX Security 2022 Paper: Automated Side Channel Analysis of Media Software with Manifold Learning

The repo is organized as:

📂manifold-sca
 ┣ 📂vulnerability
 ┃ ┣ 📂contribution
 ┃ ┣ 📜{dataset}-{program}-count.json
 ┃ ┗ 📜{program}.dis
 ┣ 📂code
 ┃ ┣ 📂SCA
 ┃ ┣ 📂tools
 ┃ ┗ 📂pp
 ┣ 📂audio
 ┗ 📂output

Code

We release our code in folder code. The implementation of our framework is in folder code/SCA and tools we use to process input/output data are listed in folder code/tools. To launch Prime+Prob, you can use the code in code/pp.

Attack

To prepare the training data for learning data manifold, you first need to instrument the binary with the released pintool code/tools/pinatrace.cpp. You will get a sequence of instruction address: accessed address when the binary processes a media data. Then you need to fold the sequence of accessed address into a matrix and convert the matrix with correct format (e.g., tensor, or numpy array).

We release the scripts for training the framework in folder code/SCA. Before training you need to first customize data paths in each script. The training procedure ends after 100 epochs and takes less than 24 hours on one Nvidia GeForce RTX 2080 GPU.

Localize

Recall that we localize vulnerabilities by pinpointing records in a trace that contribute most to reconstructing media data. So, to perform localization, you need first train the framework as we introduced before.

After training the framework, you just need to run code/localize.py and code/pinpoint.py to localize records in a side channel trace. Note that what you get in this step are several accessed addresses with their indexes in the trace. You need further get the corresponding instruction addresses based on the instrument output you generated when preparing training data.

We release the localized vulnerabilities in folder vulnerability. In folder vulnerability/contribution, we list the corresponding instruction addresses of records that make primary contribution to the reconstruction of media data. We further map the pinpoined instructions back to the corresponding functions. These functions are regarded as side-channel vulnerable functions. We list the results in {dataset}-{program}-count.json, where higher counting indicates a higher possibility of being vulnerable.

Despite each program is evaluated on different datasets, we can still observe that highly consistent vulnerabilities are localized in the same program.

Prime+Probe

We use Mastik to launch Prime+Probe on L1 cache of Intel Xeon CPU and AMD Ryzen CPU. We release our scripts in folder code/pp.

The experiment is launched in Linux OS. You need first to install taskset and cpuset.

We assume victim and spy are on the same CPU core and no other process is runing on this CPU core. To isolate a CPU core, you need to run sudo cset shield --cpu {cpu_id}.

Then run sudo cset shield --exec python run_pp.py -- {cpu_id} {segment_id}. Note that we seperate the media data into several segments to speed up the side channel collection. code/pp/run_pp.py runs code/pp/pp_audio.py with taskset. code/pp/pp_audio.py is the coordinator which runs spy and victim on the same CPU core simultaneously and saves the collected cache set access.

Audio

We upload all (total 2,552) audios reconstructed by our framework under Prime+Probe to folder audio/sc09-pp for result verification. Each audio is named as {Number}_{hash}_{index}.wav and the {Number} is the content of the corresponding reference input, e.g., for a reconstructed audio One_94de6a6a_nohash_1.wav, the number said in the reference input is one. As we reported in the paper, most (~80%) of the audios have consistent contents (i.e., the numbers) with the reference inputs.

Output

We upload media data reconstructed by our framework in folder output.

Owner
Yuanyuan Yuan
Yuanyuan Yuan
Code for CVPR2021 paper "Robust Reflection Removal with Reflection-free Flash-only Cues"

Robust Reflection Removal with Reflection-free Flash-only Cues (RFC) Paper | To be released: Project Page | Video | Data Tensorflow implementation for

Chenyang LEI 162 Jan 05, 2023
Hybrid CenterNet - Hybrid-supervised object detection / Weakly semi-supervised object detection

Hybrid-Supervised Object Detection System Object detection system trained by hybrid-supervision/weakly semi-supervision (HSOD/WSSOD): This project is

5 Dec 10, 2022
Official code of paper: MovingFashion: a Benchmark for the Video-to-Shop Challenge

SEAM Match-RCNN Official code of MovingFashion: a Benchmark for the Video-to-Shop Challenge paper Installation Requirements: Pytorch 1.5.1 or more rec

HumaticsLAB 31 Oct 10, 2022
Deep-Learning-Book-Chapter-Summaries - Attempting to make the Deep Learning Book easier to understand.

Deep-Learning-Book-Chapter-Summaries This repository provides a summary for each chapter of the Deep Learning book by Ian Goodfellow, Yoshua Bengio an

Aman Dalmia 1k Dec 27, 2022
Codes for AAAI 2022 paper: Context-aware Health Event Prediction via Transition Functions on Dynamic Disease Graphs

Context-Aware-Healthcare Codes for AAAI 2022 paper: Context-aware Health Event Prediction via Transition Functions on Dynamic Disease Graphs Download

LuChang 9 Dec 26, 2022
We are More than Our JOints: Predicting How 3D Bodies Move

We are More than Our JOints: Predicting How 3D Bodies Move Citation This repo contains the official implementation of our paper MOJO: @inproceedings{Z

72 Oct 20, 2022
HyperDict - Self linked dictionary in Python

Hyper Dictionary Advanced python dictionary(hash-table), which can link it-self

8 Feb 06, 2022
Codebase for the solution that won first place and was awarded the most human-like agent in the 2021 NeurIPS Competition MineRL BASALT Challenge.

KAIROS MineRL BASALT Codebase for the solution that won first place and was awarded the most human-like agent in the 2021 NeurIPS Competition MineRL B

Vinicius G. Goecks 37 Oct 30, 2022
8-week curriculum for AI Builders

curriculum 8-week curriculum for AI Builders สารบัญ บทที่ 1 - Machine Learning คืออะไร บทที่ 2 - ชุดข้อมูลมหัศจรรย์และถิ่นที่อยู่ บทที่ 3 - Stochastic

AI Builders 134 Jan 03, 2023
Contains a bunch of different python programm tasks

py_tasks Contains a bunch of different python programm tasks Armstrong.py - calculate Armsrong numbers in range from 0 to n with / without cache and c

Dmitry Chmerenko 1 Dec 17, 2021
MatryODShka: Real-time 6DoF Video View Synthesis using Multi-Sphere Images

Main repo for ECCV 2020 paper MatryODShka: Real-time 6DoF Video View Synthesis using Multi-Sphere Images. visual.cs.brown.edu/matryodshka

Brown University Visual Computing Group 75 Dec 13, 2022
Exploring whether attention is necessary for vision transformers

Do You Even Need Attention? A Stack of Feed-Forward Layers Does Surprisingly Well on ImageNet Paper/Report TL;DR We replace the attention layer in a v

Luke Melas-Kyriazi 461 Jan 07, 2023
A state of the art of new lightweight YOLO model implemented by TensorFlow 2.

CSL-YOLO: A New Lightweight Object Detection System for Edge Computing This project provides a SOTA level lightweight YOLO called "Cross-Stage Lightwe

Miles Zhang 54 Dec 21, 2022
[ACMMM 2021 Oral] Enhanced Invertible Encoding for Learned Image Compression

InvCompress Official Pytorch Implementation for "Enhanced Invertible Encoding for Learned Image Compression", ACMMM 2021 (Oral) Figure: Our framework

96 Nov 30, 2022
WPPNets: Unsupervised CNN Training with Wasserstein Patch Priors for Image Superresolution

WPPNets: Unsupervised CNN Training with Wasserstein Patch Priors for Image Superresolution This code belongs to the paper [1] available at https://arx

Fabian Altekrueger 5 Jun 02, 2022
Karate Club: An API Oriented Open-source Python Framework for Unsupervised Learning on Graphs (CIKM 2020)

Karate Club is an unsupervised machine learning extension library for NetworkX. Please look at the Documentation, relevant Paper, Promo Video, and Ext

Benedek Rozemberczki 1.8k Jan 07, 2023
Seg-Torch for Image Segmentation with Torch

Seg-Torch for Image Segmentation with Torch This work was sparked by my personal research on simple segmentation methods based on deep learning. It is

Eren Gölge 37 Dec 12, 2022
[3DV 2021] A Dataset-Dispersion Perspective on Reconstruction Versus Recognition in Single-View 3D Reconstruction Networks

dispersion-score Official implementation of 3DV 2021 Paper A Dataset-dispersion Perspective on Reconstruction versus Recognition in Single-view 3D Rec

Yefan 7 May 28, 2022
Data Consistency for Magnetic Resonance Imaging

Data Consistency for Magnetic Resonance Imaging Data Consistency (DC) is crucial for generalization in multi-modal MRI data and robustness in detectin

Dimitris Karkalousos 19 Dec 12, 2022