shreyaaa26-codes/AI-based-Cryptographic-Side-Channel-Attack-Detection-and-Defense

# AI-Based Cryptographic Side-Channel Attack Detection and Defense

## Overview Cryptographic algorithms such as **AES** and **RSA** are mathematically secure, but their **hardware implementations leak physical side-channel information** such as: - Power consumption - Timing behavior - Electromagnetic emissions These leakages can be exploited by attackers to recover secret cryptographic keys using **Side-Channel Attacks (SCA)**. This project presents an **AI-driven end-to-end framework** for **detecting, analyzing, scoring, explaining, and defending against side-channel leakage** using **Machine Learning, Deep Learning, and Explainable AI**. The system leverages the **ASCAD dataset** of AES power traces and combines: - Statistical leakage analysis - Feature engineering - Random Forest classification - CNN-based raw trace learning - Leakage severity scoring - Explainable saliency visualization - Automated defense recommendation engine ## Why This Project Matters Traditional cryptographic validation focuses on algorithm security, but **real-world hardware leaks physical information**. Manual leakage detection is: - Slow - Hardware-specific - Difficult to scale - Requires domain expertise This project automates side-channel leakage detection using **AI-based security analysis**, making cryptographic hardware testing faster, scalable, and more interpretable. ## Key Features ### AI-Powered Leakage Detection Automatically detects vulnerable cryptographic traces. ### Leakage Localization Identifies **leakage-prone regions in power traces** using statistical variance analysis. ### Hybrid ML + Deep Learning Pipeline Combines: - **Random Forest** (interpretable baseline) - **CNN** (high-performance deep learning detection) ### Leakage Severity Scoring Assigns risk levels: - Low - Medium - High ### Explainable AI Uses **CNN saliency maps** to highlight: - Sensitive execution regions - Time samples contributing most to leakage ### Defense Recommendation Engine Maps leakage severity to practical countermeasures. ## System Architecture Data Acquisition ↓ Trace Alignment & Normalization ↓ Leakage Localization ↓ Window Extraction & Feature Computation ↓ Random Forest Detection ↓ CNN Detection ↓ Leakage Severity Scoring ↓ Saliency-Based Explainability ↓ Defense Recommendation Engine ## Dataset ### ASCAD (AES Side Channel Analysis Dataset) This project uses the **ASCAD public dataset**, a benchmark dataset for side-channel research. **Dataset Characteristics:** - 50,000 AES power traces - Real hardware leakage traces - ~700 time samples per trace - Captured during AES encryption - Includes side-channel leakage information Used for: - Leakage localization - Feature extraction - Model training - Evaluation ## Methodology ### 1. Leakage Localization Variance-based statistical analysis is performed across multiple aligned traces. High variance regions correspond to **cryptographic operations with leakage sensitivity**. This helps isolate leakage-prone windows and improves learning efficiency. ### 2. Feature Extraction For each trace window, statistical descriptors are computed: - Energy - Variance - Signal statistics - Leakage indicators This converts noisy physical traces into machine-learning-ready features. ### 3. Random Forest Classifier A Random Forest classifier is trained on handcrafted statistical features. **Advantages:** - Fast - Interpretable - Feature importance analysis - Reliable baseline model Feature importance analysis identifies dominant leakage indicators. ### 4. CNN-Based Raw Trace Learning A **1D Convolutional Neural Network (CNN)** is trained directly on raw AES power traces. The CNN automatically learns: - Leakage signatures - Sensitive execution patterns - Complex non-linear leakage behavior **Advantages:** - No manual feature engineering - Better generalization - High detection accuracy ### 5. Leakage Severity Scoring A normalized risk score combines: - Statistical leakage features - Energy score - Variance score - CNN confidence score Severity categories: | Severity | Action | |----------|--------| | Low | Continue Monitoring | | Medium | Hiding / Noise Injection | | High | Masking / Randomization | ### 6. Explainable AI (Saliency Maps) CNN saliency maps visualize: - Important trace segments - Leakage-prone time samples - Prediction-driving signal regions This improves trust and hardware-level interpretability. ## Model Performance | Model | Accuracy | Precision | Recall | F1 Score | |------|---------|----------|--------|---------| | Logistic Regression | 84.2% | 83.7% | 84.0% | 83.8% | | CNN (Raw Traces) | **96.6%** | **96.4%** | **96.7%** | **96.5%** | ## Quantitative Highlights - **96.6% Detection Accuracy** - Real cryptographic hardware trace analysis - End-to-end automated leakage detection - Explainable security intelligence - Severity-aware defense prioritization ## Defense Recommendation Logic ### High Severity Recommended: - Masking - Hiding - Execution randomization ### Medium Severity Recommended: - Hiding techniques - Noise injection ### Low Severity Recommended: - Monitoring - No immediate action ## Project Structure AI-SideChannel-Detection/ │ ├── dataset/ │ ├── raw_traces/ │ └── processed_data/ │ ├── notebooks/ │ ├── leakage_analysis.ipynb │ ├── feature_extraction.ipynb │ ├── model_training.ipynb │ ├── models/ │ ├── random_forest.pkl │ ├── cnn_model.h5 │ ├── src/ │ ├── preprocessing.py │ ├── feature_extraction.py │ ├── train_rf.py │ ├── train_cnn.py │ ├── severity_scoring.py │ ├── saliency_maps.py │ └── defense_engine.py │ ├── results/ │ ├── plots/ │ ├── confusion_matrix/ │ └── reports/ │ ├── poster/ │ └── research_poster.pdf │ ├── requirements.txt └── README.md ## Installation Clone the repository: git clone https://github.com/yourusername/AI-based-Cryptographic-Side-Channel-Attack-Detection-and-Defense.git cd AI-based-Cryptographic-Side-Channel-Attack-Detection-and-Defense Install dependencies: pip install -r requirements.txt ## Usage Run preprocessing: python src/preprocessing.py Train Random Forest: python src/train_rf.py Train CNN: python src/train_cnn.py Generate saliency maps: python src/saliency_maps.py Run defense recommendation engine: python src/defense_engine.py ## Results - Successful leakage localization - Statistical leakage feature extraction - Random Forest baseline detection - CNN-based raw trace learning - 96.6% test accuracy - Severity-aware defense prioritization - Explainable leakage visualization ## Key Contributions - End-to-end AI-based side-channel leakage detection - Leakage localization using variance analysis - Hybrid ML + deep learning security framework - Severity-based leakage risk scoring - Explainable AI using saliency maps - Automated defense recommendation mapping ## Future Work - Real-time leakage monitoring dashboard - Streamlit deployment - Live risk visualization - Alert-based security monitoring - Support for RSA / ECC leakage traces - Hardware testing integration ## Tech Stack ### Programming Language - Python ### Machine Learning - Scikit-learn - Random Forest - Logistic Regression ### Deep Learning - TensorFlow - Keras - CNN ### Data Processing - NumPy - Pandas ### Visualization - Matplotlib ### Explainable AI - Saliency Maps - Feature Importance Analysis ## Research Poster This project was presented at: ## Authors - **Shreya L** - Dhruti Aravind - Nishanth Shet - MK Koushik Iyer