{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T15:34:39Z","timestamp":1772724879426,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":60,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,10,13]],"date-time":"2024-10-13T00:00:00Z","timestamp":1728777600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"NSF","award":["CNS 1956007; CCF 2107470"],"award-info":[{"award-number":["CNS 1956007; CCF 2107470"]}]},{"name":"ACE"},{"name":"Intel"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,10,14]]},"DOI":"10.1145\/3656019.3676952","type":"proceedings-article","created":{"date-parts":[[2024,10,11]],"date-time":"2024-10-11T10:34:08Z","timestamp":1728642848000},"page":"338-350","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["FriendlyFoe: Adversarial Machine Learning as a Practical Architectural Defense against Side Channel Attacks"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8065-5151","authenticated-orcid":false,"given":"Hyoungwook","family":"Nam","sequence":"first","affiliation":[{"name":"University of Illinois at Urbana-Champaign, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0109-7417","authenticated-orcid":false,"given":"Raghavendra Pradyumna","family":"Pothukuchi","sequence":"additional","affiliation":[{"name":"Yale University, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4883-7267","authenticated-orcid":false,"given":"Bo","family":"Li","sequence":"additional","affiliation":[{"name":"University of Illinois, Urbana-Champaign, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0442-5634","authenticated-orcid":false,"given":"Nam Sung","family":"Kim","sequence":"additional","affiliation":[{"name":"University of Illinois at Urbana-Champaign, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2595-5228","authenticated-orcid":false,"given":"Josep","family":"Torrellas","sequence":"additional","affiliation":[{"name":"University of Illinois at Urbana Champaign, United States of America"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,10,13]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314466.1314469"},{"key":"e_1_3_2_1_2_1","volume-title":"International conference on machine learning. PMLR, 214\u2013223","author":"Arjovsky Martin","year":"2017","unstructured":"Martin Arjovsky, Soumith Chintala, and L\u00e9on Bottou. 2017. Wasserstein generative adversarial networks. In International conference on machine learning. PMLR, 214\u2013223."},{"key":"e_1_3_2_1_3_1","first-page":"2018","article-title":"Study of deep learning techniques for side-channel analysis and introduction to ASCAD database. ANSSI, France & CEA, LETI, MINATEC Campus","volume":"22","author":"Benadjila Ryad","year":"2018","unstructured":"Ryad Benadjila, Emmanuel Prouff, R\u00e9mi Strullu, Eleonora Cagli, and C\u00e9cile Dumas. 2018. Study of deep learning techniques for side-channel analysis and introduction to ASCAD database. ANSSI, France & CEA, LETI, MINATEC Campus, France 22 (2018), 2018.","journal-title":"France"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-012-0027-1"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1454115.1454128"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3185768.3185771"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66787-4_3"},{"key":"e_1_3_2_1_8_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Cherubin Giovanni","year":"2022","unstructured":"Giovanni Cherubin, Rob Jansen, and Carmela Troncoso. 2022. Online website fingerprinting: Evaluating website fingerprinting attacks on Tor in the real world. In 31st USENIX Security Symposium (USENIX Security 22). 753\u2013770."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.3115\/v1\/D14-1179"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3316781.3317934"},{"key":"e_1_3_2_1_11_1","unstructured":"Peter\u00a0W Deutsch. 2022. Github repository for DAGguise. https:\/\/github.com\/CSAIL-Arch-Sec\/DAGguise"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3503222.3507747"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3173162.3173204"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978353"},{"key":"e_1_3_2_1_15_1","volume-title":"Linear hinge loss and average margin. Advances in neural information processing systems 11","author":"Gentile Claudio","year":"1998","unstructured":"Claudio Gentile and Manfred\u00a0KK Warmuth. 1998. Linear hinge loss and average margin. Advances in neural information processing systems 11 (1998)."},{"key":"e_1_3_2_1_16_1","volume-title":"Generative adversarial nets. Advances in neural information processing systems 27","author":"Goodfellow Ian","year":"2014","unstructured":"Ian Goodfellow, Jean Pouget-Abadie, Mehdi Mirza, Bing Xu, David Warde-Farley, Sherjil Ozair, Aaron Courville, and Yoshua Bengio. 2014. Generative adversarial nets. Advances in neural information processing systems 27 (2014)."},{"key":"e_1_3_2_1_17_1","volume-title":"Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572","author":"Goodfellow J","year":"2014","unstructured":"Ian\u00a0J Goodfellow, Jonathon Shlens, and Christian Szegedy. 2014. Explaining and harnessing adversarial examples. arXiv preprint arXiv:1412.6572 (2014)."},{"key":"e_1_3_2_1_18_1","volume-title":"Adversarial Attack Based Countermeasures against Deep Learning Side-Channel Attacks. arXiv preprint arXiv:2009.10568","author":"Gu Ruizhe","year":"2020","unstructured":"Ruizhe Gu, Ping Wang, Mengce Zheng, Honggang Hu, and Nenghai Yu. 2020. Adversarial Attack Based Countermeasures against Deep Learning Side-Channel Attacks. arXiv preprint arXiv:2009.10568 (2020)."},{"key":"e_1_3_2_1_19_1","volume-title":"Applications of machine learning techniques in side-channel attacks: A survey. Journal of Cryptographic Engineering","author":"Hettwer Benjamin","year":"2019","unstructured":"Benjamin Hettwer, Stefan Gehrer, and Tim G\u00fcneysu. 2019. Applications of machine learning techniques in side-channel attacks: A survey. Journal of Cryptographic Engineering (2019), 1\u201328."},{"key":"e_1_3_2_1_20_1","volume-title":"Long short-term memory. Neural computation 9, 8","author":"Hochreiter Sepp","year":"1997","unstructured":"Sepp Hochreiter and J\u00fcrgen Schmidhuber. 1997. Long short-term memory. Neural computation 9, 8 (1997), 1735\u20131780."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-011-0023-x"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.4218\/etrij.2019-0163"},{"key":"e_1_3_2_1_23_1","volume-title":"NIPS Systems for ML Workshop","author":"Johnson Jeff","year":"2018","unstructured":"Jeff Johnson. 2018. Rethinking floating point for deep learning. NIPS Systems for ML Workshop (2018)."},{"key":"e_1_3_2_1_24_1","volume-title":"The libgcrypt reference manual","author":"Koch Werner","year":"2005","unstructured":"Werner Koch and Moritz Schulte. 2005. The libgcrypt reference manual. Free Software Foundation Inc (2005), 1\u201347."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-011-0006-y"},{"key":"e_1_3_2_1_26_1","volume-title":"Imagenet classification with deep convolutional neural networks. Advances in neural information processing systems 25","author":"Krizhevsky Alex","year":"2012","unstructured":"Alex Krizhevsky, Ilya Sutskever, and Geoffrey\u00a0E Hinton. 2012. Imagenet classification with deep convolutional neural networks. Advances in neural information processing systems 25 (2012), 1097\u20131105."},{"key":"e_1_3_2_1_27_1","volume-title":"Deep learning side-channel attack against hardware implementations of AES. Microprocessors and Microsystems","author":"Kubota Takaya","year":"2020","unstructured":"Takaya Kubota, Kota Yoshida, Mitsuru Shiozaki, and Takeshi Fujino. 2020. Deep learning side-channel attack against hardware implementations of AES. Microprocessors and Microsystems (2020), 103383."},{"key":"e_1_3_2_1_28_1","volume-title":"On information and sufficiency. The annals of mathematical statistics 22, 1","author":"Kullback Solomon","year":"1951","unstructured":"Solomon Kullback and Richard\u00a0A Leibler. 1951. On information and sufficiency. The annals of mathematical statistics 22, 1 (1951), 79\u201386."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-21476-4_2"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2018-0036"},{"key":"e_1_3_2_1_31_1","volume-title":"The gem5 simulator: Version 20.0+. arXiv preprint arXiv:2007.03152","author":"Lowe-Power Jason","year":"2020","unstructured":"Jason Lowe-Power, Abdul\u00a0Mutaal Ahmad, Ayaz Akram, Mohammad Alian, Rico Amslinger, Matteo Andreozzi, Adri\u00e0 Armejach, Nils Asmussen, Brad Beckmann, Srikant Bharadwaj, 2020. The gem5 simulator: Version 20.0+. arXiv preprint arXiv:2007.03152 (2020)."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-49445-6_1"},{"key":"e_1_3_2_1_33_1","volume-title":"Wavenet: A generative model for raw audio. arXiv preprint arXiv:1609.03499","author":"van\u00a0den Oord Aaron","year":"2016","unstructured":"Aaron van\u00a0den Oord, Sander Dieleman, Heiga Zen, Karen Simonyan, Oriol Vinyals, Alex Graves, Nal Kalchbrenner, Andrew Senior, and Koray Kavukcuoglu. 2016. Wavenet: A generative model for raw audio. arXiv preprint arXiv:1609.03499 (2016)."},{"key":"e_1_3_2_1_34_1","volume-title":"USENIX Security Symposium","author":"Paccagnella Riccardo","year":"2021","unstructured":"Riccardo Paccagnella, Licheng Luo, and Christopher\u00a0W Fletcher. 2021. Lord of the Ring (s): Side Channel Attacks on the CPU On-Chip Ring Interconnect Are Practical. USENIX Security Symposium (2021)."},{"key":"e_1_3_2_1_35_1","volume-title":"Retrieved","author":"Pandruvada Srinivas","year":"2014","unstructured":"Srinivas Pandruvada. 2014. Running Average Power Limit \u2013 RAPL. Retrieved June, 2014 from https:\/\/01.org\/blogs\/2014\/running-average-power-limit\u2013rapl"},{"key":"e_1_3_2_1_36_1","volume-title":"Transferability in machine learning: From phenomena to black-box attacks using adversarial samples. arXiv preprint arXiv:1605.07277","author":"Papernot Nicolas","year":"2016","unstructured":"Nicolas Papernot, Patrick McDaniel, and Ian Goodfellow. 2016. Transferability in machine learning: From phenomena to black-box attacks using adversarial samples. arXiv preprint arXiv:1605.07277 (2016)."},{"key":"e_1_3_2_1_37_1","volume-title":"Pytorch: An imperative style, high-performance deep learning library. Advances in neural information processing systems 32","author":"Paszke Adam","year":"2019","unstructured":"Adam Paszke, Sam Gross, Francisco Massa, Adam Lerer, James Bradbury, Gregory Chanan, Trevor Killeen, Zeming Lin, Natalia Gimelshein, Luca Antiga, 2019. Pytorch: An imperative style, high-performance deep learning library. Advances in neural information processing systems 32 (2019)."},{"key":"e_1_3_2_1_38_1","volume-title":"Scikit-learn: Machine learning in Python. the Journal of machine Learning research 12","author":"Pedregosa Fabian","year":"2011","unstructured":"Fabian Pedregosa, Ga\u00ebl Varoquaux, Alexandre Gramfort, Vincent Michel, Bertrand Thirion, Olivier Grisel, Mathieu Blondel, Peter Prettenhofer, Ron Weiss, Vincent Dubourg, 2011. Scikit-learn: Machine learning in Python. the Journal of machine Learning research 12 (2011), 2825\u20132830."},{"key":"e_1_3_2_1_39_1","volume-title":"Lowering the bar: Deep learning for side channel analysis. BlackHat USA","author":"Perin Guilherme","year":"2018","unstructured":"Guilherme Perin, Baris Ege, and Jasper van Woudenberg. 2018. Lowering the bar: Deep learning for side channel analysis. BlackHat USA, Las Vegas, NV, USA, Tech. Rep (2018)."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN.2017.7966373"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363284"},{"key":"e_1_3_2_1_42_1","unstructured":"Raghavendra\u00a0Pradyumna Pothukuchi. 2021. Github repository for Maya: Obfuscating Power Side Channels with Formal Control. https:\/\/github.com\/mayadefense\/maya"},{"key":"e_1_3_2_1_43_1","volume-title":"2021 ACM\/IEEE 48th Annual International Symposium on Computer Architecture (ISCA). IEEE, 888\u2013901","author":"Pothukuchi Raghavendra\u00a0Pradyumna","year":"2021","unstructured":"Raghavendra\u00a0Pradyumna Pothukuchi, Sweta\u00a0Yamini Pothukuchi, Petros\u00a0G Voulgaris, Alexander Schwing, and Josep Torrellas. 2021. Maya: Using formal control to obfuscate power side channels. In 2021 ACM\/IEEE 48th Annual International Symposium on Computer Architecture (ISCA). IEEE, 888\u2013901."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3039691"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/TC.2020.3013196"},{"key":"e_1_3_2_1_46_1","volume-title":"Reinforcement Learning-Based Design of Side-Channel Countermeasures. In International Conference on Security, Privacy, and Applied Cryptography Engineering. Springer, 168\u2013187","author":"Rijsdijk Jorai","year":"2021","unstructured":"Jorai Rijsdijk, Lichao Wu, and Guilherme Perin. 2021. Reinforcement Learning-Based Design of Side-Channel Countermeasures. In International Conference on Security, Privacy, and Applied Cryptography Engineering. Springer, 168\u2013187."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/359340.359342"},{"key":"e_1_3_2_1_48_1","volume-title":"A mathematical theory of communication. The Bell system technical journal 27, 3","author":"Shannon E","year":"1948","unstructured":"Claude\u00a0E Shannon. 1948. A mathematical theory of communication. The Bell system technical journal 27, 3 (1948), 379\u2013423."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.vlsi.2017.02.002"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/TEVC.2019.2890858"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00059"},{"key":"e_1_3_2_1_52_1","unstructured":"TechPowerUp. 2020. AMD Ryzen 7 5800X. https:\/\/www.techpowerup.com\/cpu-specs\/ryzen-7-5800x.c2362"},{"key":"e_1_3_2_1_53_1","volume-title":"Attention is all you need. Advances in neural information processing systems 30","author":"Vaswani Ashish","year":"2017","unstructured":"Ashish Vaswani, Noam Shazeer, Niki Parmar, Jakob Uszkoreit, Llion Jones, Aidan\u00a0N Gomez, \u0141ukasz Kaiser, and Illia Polosukhin. 2017. Attention is all you need. Advances in neural information processing systems 30 (2017)."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","unstructured":"R. Vinaykumar KP. Soman M. Alazab S. Sriram and K. Simran. 2020. A Comprehensive Tutorial and Survey of Applications of Deep Learning for Cyber Security. TechRxiv (2020). https:\/\/doi.org\/10.36227\/techrxiv.11473377.v1","DOI":"10.36227\/techrxiv.11473377.v1"},{"key":"e_1_3_2_1_55_1","volume-title":"Support vector machines: theory and applications. Vol.\u00a0177","author":"Wang Lipo","unstructured":"Lipo Wang. 2005. Support vector machines: theory and applications. Vol.\u00a0177. Springer Science & Business Media."},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.24963\/ijcai.2018\/543"},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/3274694.3274715"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/3240765.3240801"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3136064"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPCA.2017.36"}],"event":{"name":"PACT '24: International Conference on Parallel Architectures and Compilation Techniques","location":"Long Beach CA USA","acronym":"PACT '24","sponsor":["SIGARCH ACM Special Interest Group on Computer Architecture"]},"container-title":["Proceedings of the 2024 International Conference on Parallel Architectures and Compilation Techniques"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3656019.3676952","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3656019.3676952","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T19:55:52Z","timestamp":1755892552000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3656019.3676952"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10,13]]},"references-count":60,"alternative-id":["10.1145\/3656019.3676952","10.1145\/3656019"],"URL":"https:\/\/doi.org\/10.1145\/3656019.3676952","relation":{},"subject":[],"published":{"date-parts":[[2024,10,13]]},"assertion":[{"value":"2024-10-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}