Peer-Review Record

An Efficiency–Accuracy Balanced Power Leakage Evaluation Framework Utilizing Principal Component Analysis and Test Vector Leakage Assessment

Electronics 2022, 11(24), 4191; https://doi.org/10.3390/electronics11244191
by Zhen Zheng *, Yingjian Yan, Yanjiang Liu, Linyuan Li and Yajing Chang
Submission received: 9 October 2022 / Revised: 9 December 2022 / Accepted: 13 December 2022 / Published: 15 December 2022

Round 1

Reviewer 1 Report

This manuscript proposed a principal component analysis (PCA)-TVLA-based leakage detection framework for the purpose of picking out the power traces that represent the main features of power data for leakage detection, which aimed at realizing the balance of accuracy and efficiency of the detection. Authors present experimental verification to demonstrate the advantage of the proposed scheme. I have the following comments after reviewing this manuscript.

1. Applying PCA to solve various problems is not a novel technique, thus it might not be convincing the further study on this topic.

2. As mentioned in this manuscript, PCA looks for a few linear combinations of the variables that can be used to summarize the data without losing too much information. Thus, by no means can the detection performance of PCA outperform those approaches if the entire set of sampled data is applied, though the PCA approach might be efficient because a smaller amount of data is processed.

3. In this manuscript two experimental examples were presented for verification. However, I would comment that some terms are not well defined before they are applied to evaluate the performance of the proposed PCA scheme, such as detection potency, leakage detection efficiency, total performing time, preprocessing time and detecting time, etc. This work under current version is not rigorous enough to meet the criteria of publication. Especially, all equations cannot appear correctly for us to read. Authors should double check the pdf version before they submit manuscript.

4. There are still grammar errors in this manuscript, and the technical writing should be much improved, e.g. the abstract is wordy.

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Reviewer 2 Report


The authors propose to combine TVLA and PCA for more efficient side-channel attacks. The paper (including the abstract) lacks context, and there is no mention of different types of side-channel attacks. What about power consumption attacks versus electromagnetic attacks measuring leaked electromagnetic radiation; does the proposed attack apply to one or both? There needs to be a distinction, and power consumption attacks are less practical than electromagnetic attacks.

A Related work-section is missing. Other side-channel analysis methods than Goodwill et al. should be mentioned for background.
The supposed problem using TVLA alone is too much redundant information, which is somehow eliminated using PCA, which "screen powertraces". Exactly, what does "screen" mean here? To filter? Can PCA be used alone for side-channel attacks? It is not entirely clear what the difference is with Tiri et al.'s PCA approach.


All formulas are unreadable as they lack operators. I don't think it is meaningful to talk about t-values in the abstract, unless this is first explained.
What is "transitor conversion", cf. line 104? What is "the null hyposthesis", cf. line 123? What is the Student's .. function, cf line 130?
The sentences in lines 107-110 and 115-119 are not understandable. The latter must be broken into two or more.
Remove indentation from lines starting by "where". Indentation indicates new paragraphs.
Remove lines 159-166 as this is repetition of Alg. 1.
Alg. 1 is split across two pages.
Figures and algorithms should be placed on top or bottom, not in the middle of pages.
Do not refer to a figure by using colon (:), rather refer to it as Fig. x.
What does "centralize matrix" mean? Do you mean to center? In any case, this should be explained.
What does "dimensional reduction" mean? Please explain.

Not equipped with an oscilloscope, line 232? What about Fig. 3?
Table 1 needs to be explained. Why is this relevant? Some of the hor. lines need to be stretched to the left. What does the text in column 2 mean?
Figure 4 lacks subfigure descriptions.

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 3 Report

The authors claim to present a new TVLA based on an original screening of power traces data using PCA.
The paper is quite well written, but there are two big concerns:
In all equations, at least the operator symbols are missing, which makes the paper very difficult to follow.

It seems from line 329: "Scheme 2 significantly improved the leakage detection efficiency" that the authors define "efficiency" as processing speed, but this should be clarified in the paper since it is used in the Title, abstract, conclusion...

Some other minor points need to be addressed:
In the abstract the authors tell us about a sample size of 900 and 2500 for MCU and FPGA respectively and then in paragraph 4 they show results in figure 4 for a sample size of 500 for the MCU. What does the "sample size" mean here? Is it the number of power traces or the number of points in a power trace?
I think that the reader can be easily confused about the meaning of "sample size": if I understand well, it is indifferently used for the number of acquisition points in a power trace and the number of power traces used in the TVLA. This should be clarified in the paper.

line 202: "Moreover, the methodology of feature extraction can retain the characteristics of the raw power consumption data to a great extent..." Could you clarify or justify this sentence?
line 314: "Moreover, when the sample size was less than 200, Scheme 1 consumed MORE time than the latter three schemes," should be LESS according to table 2!

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Round 2

Reviewer 1 Report

No further comments

Author Response

Thank you again for your valuable guidance before, and I will continue to make further improvements to my paper. Good luck with your work!

Reviewer 2 Report

The authors propose to combine TVLA and PCA for detecting more efficient side-channel power leakage.
I am a bit concerned whether this combination has any merit, as the authors' own measurements show INSIGNIFICANT improvement over TVLA alone. Some of the previous comments have not been taken into account in the revised version, like unsatisfactory context description, related work-section is missing, and more. As motivation, it is said that "evaluating process aims to judge whether there is side-channel leakage within a restricted amount of time." What is the amount of time in question, exactly? The authors state "formulate the evaluation in a general procedure independent of the existing attacking forms for a side-channel leakage assessment." Is the proposed method a general procedure?

Do you mean on/off-switching by "transistor conversion"? This is no established term.
The PCA procedure on page 5 should be boxed in as an "Algorithm". Why not combine it with Algorithm 1?
What is the meaning of "extremum" compared to maximum and minimum?
All formulas are still incomplete.
The term "serial number" is wrong.
Other papers should NOT be referenced by the word "literature", rather use author names.
In some places, different font sizes seem to occur, e.g. lines 107 and 115.
The authors claim that "the types of known side-channel attacks are steadily increasing." This claim should be backed by some reference.
All integers in the tables lack a measurement unit.

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 3 Report

I'm sorry, but the symbols still don't appear in the equations and in algorithm 1!

So the article is still not publishable as is.

Furthermore, you wrote in your response "In the experimental results, the test statistics of TVLA obtained after selecting power traces by the method of feature extraction can exceed the threshold with a smaller sample size of power trace than the original method". But neither figure 5 nor figure 8 shows this clearly. Maybe it is sometimes true for very small sample sizes, but this should be clarified.

Lastly, could you explain why it is interesting to save 2 seconds of computing time for a TVLA detection?

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Round 3

Reviewer 2 Report

All formulas are still incomplete.... the paper cannot be accepted until this is corrected!

Table 1 needs to be comprehensibly explained. The following sentence is not clear: "Table 1 presents the maximum, the minimum and the local maximum values and their corresponding sampling position (the numbering of the corresponding sampling points) in the power traces obtained by each scheme." What is sampling position? What is a "local maximum"?

Fig 6 and 9 give the impression that "scheme 2" has improved performance over "scheme 1". Does this include both preprocessing and detection?

I don't think it is fully clear if PCA incurs only preprocessing and TVLA only detection. This should be explicitly pointed out.

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 3 Report

The authors claim to have checked the equations carefully. It seems surreal but this third version of the paper still does not include symbols in the equations! It is therefore still impossible to publish the article in its current state. Here is an example of some completely illegible equations extracted from this revision:

 

Regarding points 2 and 3:
Point 2 mainly concerns figures 5 and 8; the answer does not deal with this point. Unless it is necessary to understand that the abscissa of these figures for diagrams 2, 3 and 4 represents the number of traces BEFORE the screening of 80%?

For point 3, can you give an order of magnitude of processing times in a real situation?

Moreover, the answers to these points should be integrated into the article and not only in the response to the proofreader.

Regards

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Round 4

Reviewer 2 Report

The paper is improved and almost publishable. There are few minor issues left.

I am not convinced that the claim "component dependent on the operation can be denoted as P_op and the component dependent on the processed data can be denoted as data P_data " is correct. Rather, it is reasonable that P_op is dependent on and reflected by P_data, and so these are not separable!

Moreover, I cannot find that this distinction is mentioned, relevant or taken into account for the combined methods. As such, P_op and P_data should be combined.

Replace the sentence "... transistors in the process of current detection, rectification, amplification, switching, voltage regulation, signal modulation and other motions ..." (lines 121,122) with "... transistor processing ..."

The inequality on line 158 must be corrected.

Math lists (e.g. lines 179, 203 and Alg. 1) are not proper and do not have proper commas. In LaTeX, they should be in the form $e_1, e_2, \ldots, e_m$.

Author Response

Please see the attachment.

Author Response File: Author Response.pdf

Reviewer 3 Report

Thank you, the paper is now publishable.

Author Response

I sincerely appreciate your hard work and wish you good health and smooth progress in your work.
