Electromagnetic Side Channel: A Comparison of Multi-Class Feature Selection Methods

G.O. Dyrkolbotn and E. Snekkenes (Norway)


Feature selection, electromagnetic side channel, micropro cessors, covert channel


When a microprocessor executes its program, electromag netic signals are generated as a consequence of the power consumption associated with transistor transition. The in tercepted electromagnetic signal can be used to reveal the contents of program and/or data memory of the micropro cessor, exploited in a variety of attacks [1] [2] [3] [4]. Com mon for these approaches is the need to map an unknown intercepted signal (trace) to a known set of activities on the microprocessor, often based on thousand of available variables. It is unlikely that all variables contain relevant information and a large number of variables requires a lot of computational resources (storage and execution time). It is therefore of interest to reduce the number of variables by selecting lower dimensional subsets or mapping. This article gives an introduction to feature selec tion methods as well as suggestions as to how to handle a multi-class case. We use the wireless covert channel attack [4] to perform an application specific comparison between a selection of these methods. The different methods are compared by classification error and computational cost. Our results suggest use of the Greedy Forward Selection method, if preprocessing time is of no concern. Otherwise, ranking based methods give fair results. Experimental re sults also show that, in a wireless covert channel applica tion, it is possible to classify microprocessor activity (i.e instruction executed), with a very low probability of error, given the energy emitted on only a few selected carrier fre quencies. Implementation of a M-ary, multi carrier covert channel with a reasonable error rate is therefore feasible.

Important Links:

Go Back