基於光電流洩漏之旁通道攻擊：在有限資料集中的特徵選取到模型評估

葉品辰; Piin-Chen Yeh

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/101732

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	張智星	zh_TW
dc.contributor.advisor	Jyh-Shing Roger Jang	en
dc.contributor.author	葉品辰	zh_TW
dc.contributor.author	Piin-Chen Yeh	en
dc.date.accessioned	2026-03-04T16:07:58Z	-
dc.date.available	2026-03-05	-
dc.date.copyright	2026-03-04	-
dc.date.issued	2026	-
dc.date.submitted	2026-02-24	-
dc.identifier.citation	[1] P. Kocher, “Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems,” in Advances in Cryptology - CRYPTO 1996 (Lecture Notes in Computer Science), vol. 1109. Springer, 1996, pp. 104–113. [2] P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis,” in Advances in Cryptology - CRYPTO 1999 (Lecture Notes in Computer Science), vol. 1666. Springer, 1999, pp. 388–397. [3] C. O'Flynn and Z. D. Chen, “ChipWhisperer: An open-source platform for hardware embedded security research,” in Proc. 5th Int. Workshop Constructive Side-Channel Anal. Secure Design (COSADE), Paris, France, 2014, pp. 243–260. [4] S. Mangard, E. Oswald, and T. Popp, Power Analysis Attacks: Revealing the Secrets of Smart Cards. New York, NY, USA: Springer, 2007. [5] A. Srivastava, S. Das, N. Choudhury, R. Psiakis, P. H. Silva, D. Pal, and K. Basu, “SCAR: Power side-channel analysis at RTL level,” IEEE Trans. Very Large Scale Integr. (VLSI) Syst., vol. 32, no. 6, pp. 1110–1123, Jun. 2024. [6] National Institute of Standards and Technology (NIST), “Announcing the Advanced Encryption Standard (AES),” U.S. Dept. Commerce, Washington, DC, USA, FIPS PUB 197, Nov. 2001. [7] E. Brier, C. Clavier, and F. Olivier, “Correlation power analysis with a leakage model,” in Proc. Cryptographic Hardware and Embedded Systems (CHES), 2004, pp. 16–29. [8] C. E. Shannon, “A mathematical theory of communication,” Bell Syst. Tech. J., vol. 27, no. 3, pp. 379–423, Jul. 1948. [9] E. Prouff and M. Rivain, “Theoretical and practical aspects of mutual information based side channel analysis,” in Proc. Applied Cryptography and Network Security (ACNS), 2009, pp. 499–518. [10] J.-W. Chou, Y.-L. Tsai, M.-H. Chu, S.-D. Lin, Y. Jin, and C.-M. Cheng, “Exploiting machine learning techniques to perform side channel attack,” in Proc. 12th Int. Workshop Inf. Secur. Appl. (WISA), Jeju Island, Korea, 2011, pp. 102–115. [11] 陳家瑋, “於熱能洩漏中尋找興趣點來實行區域性旁通道分析及基於機器學習之攻擊模型,” Master’s thesis, National Taiwan University, Taipei, Taiwan, Jan. 2021. [12] N. Chang, D. Zhu, L. Lin, D. Selvakumaran, J. Wen, S. H. Pan, W. Xia, H. Chen, C. Chow, and G. Chen, “ML-augmented methodology for fast thermal side-channel emission analysis,” in Proc. 26th Asia and South Pacific Design Automation Conf. (ASP-DAC), Tokyo, Japan, 2021, pp. 463–468. [13] D. Agrawal, B. Archambeault, J. R. Rao, and P. Rohatgi, “The EM side–channel(s): Attacks and assessment methodologies,” in Proc. Cryptographic Hardware and Embedded Systems (CHES), 2002, pp. 29–45. [14] C. Hutter and M. Schmidt, “Thermal side-channel attacks: Exploiting heat dissipation for information leakage,” in Proc. Cryptographic Hardware and Embedded Systems (CHES), 2014, pp. 305–322. [15] 婁敦傑,“區域性熱能洩漏之旁通道分析的改進,” Master’s thesis, National Taiwan University, Taipei, Taiwan, Sep 2022. [16] K. Zhang, T.-C. Lou, C.-C. Wang, J.-S. R. Jang, H. Li, L. Lin, and N. Chang, “Improving location-based thermal emission side-channel analysis using iterative transfer learning,” IEEE Access, vol. 13, pp. 87672–87692, 2025. [17] P. Skorobogatov and R. Anderson, “Optical fault induction attacks,” in Proc. Cryptographic Hardware and Embedded Systems (CHES), 2002, pp. 2–12. [18] L. Lin, D. Zhu, J. Wen, H. Chen, Y. Lu, N. Chang, C. Chow, H. Shrivastav, C.-W. Chen, K. Monta, and M. Nagata, “Multiphysics simulation of EM side-channels from silicon backside with ML-based auto-POI identification,” in Proc. IEEE Int. Symp. Hardware Oriented Security and Trust (HOST), Tysons Corner, VA, USA, 2021, pp. 270–280. [19] H. Li, L. Lin, N. Chang, S. Chowdhury, D. Jones, and J.-S. R. Jang, “Photon emission modeling and machine-learning assisted pre-silicon optical side-channel simulation,” in Proc. IEEE Int. Symp. Hardware Oriented Security and Trust (HOST), 2024, pp. 107–111. [20] G. Hospodar, B. Gierlichs, E. De Mulder, I. Verbauwhede, and J. Vandewalle, “Machine learning in side-channel analysis - A first study,” J. Cryptographic Eng., vol. 1, no. 4, pp. 293–302, 2011. [21] F.-X. Standaert, T. G. Malkin, and M. Yung, “A unified framework for the analysis of side-channel key recovery attacks,” in Advances in Cryptology - EUROCRYPT 2009, pp. 443–461. [22] J. Béguinot, W. Cheng, S. Guilley, and O. Rioul, “Guessing entropy vs. success rate for evaluating side-channel attacks of secure chips,” in Proc. IEEE Int. Conf. Acoustics, Speech and Signal Process. (ICASSP), 2022, pp. 8962–8966. [23] K. Tiri and I. Verbauwhede, “A logic level design methodology for a secure DPA resistant ASIC or FPGA implementation,” in Proc. Des. Autom. Test Eur. Conf. (DATE), 2004, pp. 246–251. [24] S. Picek, A. Heuser, A. Jovic, S. A. Ludwig, S. Guilley, D. Jakobovic, and N. Mentens, “On the use of machine learning for side-channel analysis: A comprehensive study,” J. Hardw. Syst. Secur., vol. 1, no. 1, pp. 1–13, 2017. [25] A. Heuser and M. Zohner, “Intelligent machine learning for side-channel analysis,” in Proc. Smart Card Research and Advanced Applications (CARDIS), 2012, pp. 110–125. [26] T. S. Messerges, “Securing the AES candidates against power analysis attacks,” in Proc. 5th ACM Conf. Comput. Commun. Security (CCS), 2000, pp. 1–11. [27] N. Veyrat-Charvillon, M. Medwed, S. Kerckhof, and F.-X. Standaert, “Shuffling against side-channel attacks: A comprehensive study with cautionary notes,” in Proc. Advances in Cryptology - ASIACRYPT 2012, pp. 740–757. [28] R. Benadjila, E. Cagli, C. Dumas, E. Prouff, and R. Strullu, “Study of deep learning techniques for side-channel analysis and introduction to ASCAD database,” IACR Cryptol. ePrint Arch., vol. 2018, p. 53, 2018.	-
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/101732	-
dc.description.abstract	本研究聚焦於光電流模擬資料中之潛在資訊洩漏，提出一套模組化且可擴展的旁通道攻擊分析流程。透過模擬加密晶片在執行進階加密標準-128（Advanced Encryption Standard-128, AES-128）運算時的光子行為與電流變化，我們獲得一組具時程整合特性的資料集，每筆觀測之旁通道揭露跡（side-channel trace, 以下簡稱揭露跡）皆包含 62,724 個由三種物理通道（Iavg、Irms、Ipeak）所構成的特徵值。實驗重點針對不同的特徵選取策略（白箱、黑箱、灰箱）以不同的物理通道來源和攻擊模型（統計式與機器學習式）進行交叉分析與比較。研究發現，透過適當的標準化處理與互資訊（mutual information, MI）選取法，三通道聯集（union）特徵來源能有效整合各通道之互補資訊，達到本研究中最佳的攻擊效能。我們並透過特徵重疊程度分析與晶片空間上的特徵點分布觀察，揭示了統計式選取法與晶片先驗知識之間的特徵選取差異。本研究進一步嘗試透過標籤空間之轉換（漢明權重降維與子位元拆解降維）來因應標籤不平衡（imbalanced）與資料量有限的問題。並引入猜測熵（guessing entropy）、猜測熵曲線下面積（area under the guessing entropy curve, AUGE）以及正規化後的猜測熵曲線下面積（normalized area under the guessing entropy curve, N-AUGE）來當作旁通道攻擊無法完美收斂時的跨攻擊模型之成效評估指標。實驗結果顯示，灰箱攻擊特徵選取方法（相關係數選取法與互資訊選取法）能超過白箱攻擊已知興趣點（known point of interest, known POI）特徵之效能；同時，漢明權重降維與子位元拆解降維的應用亦能提升旁通道攻擊模型的效能與穩定性。此研究不僅驗證了光電流模擬資料可作為旁通道攻擊之研究基礎，也為未來特徵選取與標籤空間的設計提供具體方向與策略建議。	zh_TW
dc.description.abstract	This thesis investigates the potential information leakage embedded within photonic current simulation data and proposes a modular, extensible framework for side-channel analysis. By simulating the photonic behavior of an Advanced Encryption Standard-128 (AES-128) encryption chip during operation, we obtain a dataset comprising 62,724 features per trace, constructed from three statistical channels: average (Iavg), root mean squared (Irms), and peak current (Ipeak). We evaluate multiple attack models, including traditional statistical approaches: correlation power analysis (CPA), mutual information analysis (MIA), and machine learning classifiers: k-nearest neighbor (KNN), Gaussian naïve Bayes (GNB), support vector machine (SVM), random forest (RF), extreme gradient boosting (XGBoost), across various feature selection strategies: white-box (known points of interest, known POI), black-box (variance-based), and gray-box (correlation-based and mutual information-based). Furthermore, we explore label space reduction techniques—such as Hamming weight (HW) transformation and bit-splitting—to address challenges posed by the label imbalanced and limited dataset. Experimental results show that gray-box feature selection strategies based on correlation and mutual information outperform the white-box attacks. Additionally, label reduction techniques enhance model stability and classification performance. This study confirms the utility of simulated photonic side-channel data in security analysis and offers practical strategies for feature selection and label reduction design in the data-constrained scenarios.	en
dc.description.provenance	Submitted by admin ntu (admin@lib.ntu.edu.tw) on 2026-03-04T16:07:58Z No. of bitstreams: 0	en
dc.description.provenance	Made available in DSpace on 2026-03-04T16:07:58Z (GMT). No. of bitstreams: 0	en
dc.description.tableofcontents	中文摘要 i ABSTRACT ii 目次 iii 圖次 vii Chapter 1 緒論 1 1.1 研究動機與問題陳述 1 1.2 本論文之貢獻 2 1.3 章節概述 3 Chapter 2 背景知識與相關研究 4 2.1 旁通道攻擊（Side-channel Attack, SCA）概述 4 2.2 進階加密標準-128（Advanced Encryption Standard -128, AES-128） 5 2.3 統計型攻擊模型 6 2.3.1 相關係數功耗分析（Correlation Power Analysis, CPA） 6 2.3.2 互資訊分析（Mutual Information Analysis, MIA） 6 2.4 機器學習式旁通道分析方法 8 2.4.1 特徵選取和興趣點之定位 8 2.4.2 熱洩漏與功率洩漏的相關研究 9 2.4.3 光學洩漏模擬與預矽驗證分析 10 2.5 旁通道攻擊之效能評估指標 12 2.5.1 Top-1 準確率（Top-1 Accuracy, Accuracy） 12 2.5.2 排序指標（Rank） 12 2.5.3 最少所需揭露跡數（Minimum Traces to Disclosure, MTD） 13 2.5.4 猜測熵（Guessing Entropy, GE） 14 2.5.5 猜測熵曲線下面積（Area Under the Guessing Entropy Curve, AUGE） 15 2.5.6 標準化的猜測熵曲線下面積（Normalized-AUGE, N-AUGE） 15 Chapter 3 資料集介紹與探索性資料分析 17 3.1 資料集與物理模擬機制介紹 17 3.1.1 基於佈局的光子發射模擬流程 17 3.1.2 光電流通道之定義與資料格式 18 3.2 光電流揭露跡的探索性資料分析 19 3.2.1 觀測點的空間分布 20 3.2.2 各通道（Iavg、Irms、Ipeak）之比較 20 Chapter 4 研究方法 24 4.1 實驗流程與參數設定 24 4.1.1 實驗流程概述 24 4.1.2 實驗環境與機器學習分類器之參數設定 26 4.2 特徵選取策略 26 4.2.1 白箱策略：使用已知的興趣點 27 4.2.2 黑箱策略：依變異數選擇特徵 28 4.2.3 灰箱策略：相關係數挑選法與互資訊挑選法 29 4.3 攻擊模型設計 30 4.3.1 基礎方法：標準 256 類標籤的分類 30 4.3.2 標籤轉換（Label Transformation）：漢明權重之預測 31 4.3.3 標籤拆解（Label Splitting）：子位元拆解之預測 33 Chapter 5 實驗結果與討論 34 5.1 白箱攻擊分析 34 5.1.1 最佳通道選擇 34 5.1.2 統計方法與常見分類器之效能比較 36 5.2 黑箱與灰箱攻擊分析 37 5.2.1 特徵選取方法之成效比較 38 5.2.2 不同物理通道之洩漏特性分析 39 5.2.3 收斂效率與攻擊的強健性 40 5.2.4 特徵選取之通道來源與晶片布局之相關性分佈 42 5.2.5 特徵點數量與洗牌後重複實驗次數對攻擊效能之影響 47 5.3 標籤空間降維策略的效能評估 53 5.3.1 標籤分布的不平衡現象 53 5.3.2 漢明權重降維 56 5.3.3 子位元拆解降維 58 5.3.4 分類器架構對降維策略之敏感度分析 61 5.3.5 電流耦合現象與跨位元組洩漏之分析 66 5.3.6 模型超參數之敏感度分析與強健性驗證 70 5.4 實驗總結與觀察 72 5.5 防禦對策與安全建議 74 5.5.1 攻擊方法對現有防禦之挑戰 74 5.5.2 針對本研究攻擊之防禦建議 75 Chapter 6 結論與未來展望 77 6.1 研究總結 77 6.2 未來研究方向 80 參考文獻 82	-
dc.language.iso	zh_TW	-
dc.subject	旁通道攻擊	-
dc.subject	特徵選取	-
dc.subject	光電流模擬	-
dc.subject	漢明權重	-
dc.subject	標籤降維	-
dc.subject	AES-128	-
dc.subject	機器學習	-
dc.subject	資訊洩漏	-
dc.subject	Side-Channel Attack	-
dc.subject	Feature Selection	-
dc.subject	Photonic Current Simulation	-
dc.subject	Hamming Weight	-
dc.subject	Label Reduction	-
dc.subject	AES-128	-
dc.subject	Machine Learning	-
dc.subject	Information Leakage	-
dc.title	基於光電流洩漏之旁通道攻擊：在有限資料集中的特徵選取到模型評估	zh_TW
dc.title	Side-Channel Attacks on Photonic Leakage: From Feature Selection to Model Evaluation on a Limited Dataset	en
dc.type	Thesis	-
dc.date.schoolyear	114-1	-
dc.description.degree	碩士	-
dc.contributor.coadvisor	杜憶萍;陳尚澤	zh_TW
dc.contributor.coadvisor	I-Ping Tu;Shang-Tse Chen	en
dc.contributor.oralexamcommittee	張鴻嘉;陳君朋	zh_TW
dc.contributor.oralexamcommittee	Norman H. Chang;Jiun-Peng Chen	en
dc.subject.keyword	旁通道攻擊,特徵選取光電流模擬漢明權重標籤降維AES-128機器學習資訊洩漏	zh_TW
dc.subject.keyword	Side-Channel Attack,Feature SelectionPhotonic Current SimulationHamming WeightLabel ReductionAES-128Machine LearningInformation Leakage	en
dc.relation.page	85	-
dc.identifier.doi	10.6342/NTU202600789	-
dc.rights.note	同意授權(限校園內公開)	-
dc.date.accepted	2026-02-24	-
dc.contributor.author-college	電機資訊學院	-
dc.contributor.author-dept	資料科學學位學程	-
dc.date.embargo-lift	2026-03-05	-
顯示於系所單位：	資料科學學位學程

文件中的檔案：

檔案	大小	格式
ntu-114-1.pdf 授權僅限NTU校內IP使用（校園外請利用VPN校外連線服務）	5.14 MB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。