Software profiling via electromagnetic side-channel signal
This thesis develops general methods to exploit information leaked in electromagnetic (EM) emanations for profiling software applications. A broad range of computing devices and software applications can benefit from these methods. Computers radiate EM emanations when voltage and current flows change as a result of software program activity. EM emanations can be intercepted and analyzed to extract information about the corresponding computation. Traditionally, the EM side channel has been leveraged to gather critical information about cryptographic algorithms. This information is used by cryptography researchers to extract secret cryptographic keys from computing devices as the devices perform encryption operations. The design and implementation of this analysis is usually done ad hoc, for a specific implementation of a cryptographic algorithm on a particular machine. The wide range of information that can be gathered from EM emanation signals suggests that it is useful for more purposes than cryptographic analysis. Moreover, there are two major benefits in using these signals. First, they can be received remotely, and no contact with the device is needed. This especially benefits embedded devices, where access to the device is not easy or even possible. Second, the EM signal can be received and processed on a physically separate machine. This also benefits real-time and cyber-physical devices, which have very limited computation and memory resources. Until now, only a few bodies of work have tried to explore the complex relationship between EM emanations, the underlying architecture, and the software application. It is viable to use EM emanations as a tool for profiling applications and inferring various levels of information from them. This information may span from detailed statistics of an event in the underlying machine to timing information of the software program's code at large granularity.
However, profiling this information requires a general approach that can be automatically applied to diverse programs and machines. Toward this goal, this thesis has developed (1) a new approach for profiling software programs that leverages the unintentional EM side channel and allows highly accurate profiling of loops and other repetitive activity, without perturbing the profiled system, (2) a new method for anomaly detection in program execution that monitors an application's repetitive behavior, (3) an external memory profiler that infers last-level cache misses from the EM side-channel signal, and (4) a technique that extends the other proposed methods to multi-core systems by blind separation of EM emanation sources.