Durmaz, Fatih and Kamadan, Nureddin and Öz, Melih Taha and Ünal, Musa Sadık and Javeed, Arsalan and Yılmaz, Cemal and Savaş, Erkay (2023) TimeInspector: a static analysis approach for detecting timing attacks. In: IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Delft, Netherlands
Full text not available from this repository. (Request a copy)
Official URL: https://dx.doi.org/10.1109/EuroSPW59978.2023.00037
Abstract
We present a static analysis approach to detect malicious binaries that are capable of carrying out a timing attack. The proposed approach is based on a simple observation that the timing attacks typically operate by measuring the execution times of short sequences of instructions. Consequently, given a binary, we first construct the control flow graph of the binary and then determine the paths between the pairs of time readings, on which a suspiciously low number of instructions might be executed. In the presence of such a path, we mark the binary as potentially malicious and report all the suspicious paths identified. In the experiments, where a collection of benign and malicious binaries were used, the proposed approach correctly detected all the malicious binaries with an accuracy up to 99.5% and without any false negatives.
| Item Type: | Papers in Conference Proceedings |
|---|---|
| Uncontrolled Keywords: | malware analysis; side-channel attacks; static program analysis; timing attacks |
| Divisions: | Faculty of Engineering and Natural Sciences |
| Depositing User: | Cemal Yılmaz |
| Date Deposited: | 04 Sep 2023 16:25 |
| Last Modified: | 04 Sep 2023 16:25 |
| URI: | https://research.sabanciuniv.edu/id/eprint/47701 |
Actions (login required)
- View Item