Beyond TVLA: Anderson-Darling Leakage Assessment for Neural Network Side-Channel Leakage Detection
This work addresses the need for more sensitive leakage detection in neural network side-channel analysis, particularly for protected implementations, though it is incremental as it builds on existing statistical tests.
The authors tackled the problem of detecting side-channel leakage in neural network implementations, where traditional mean-based methods like TVLA can be insensitive to higher-order distributional differences. They proposed ADLA, a framework using the Anderson-Darling test, and showed it provides improved leakage-detection sensitivity in protected implementations with a low number of traces compared to TVLA.
Test Vector Leakage Assessment (TVLA) based on Welch's $t$-test has become a standard tool for detecting side-channel leakage. However, its mean-based nature can limit sensitivity when leakage manifests primarily through higher-order distributional differences. As our experiments show, this property becomes especially crucial when it comes to evaluating neural network implementations. In this work, we propose Anderson--Darling Leakage Assessment (ADLA), a leakage detection framework that applies the two-sample Anderson--Darling test for leakage detection. Unlike TVLA, ADLA tests equality of the full cumulative distribution functions and does not rely on a purely mean-shift model. We evaluate ADLA on a multilayer perceptron (MLP) trained on MNIST and implemented on a ChipWhisperer-Husky evaluation platform. We consider protected implementations employing shuffling and random jitter countermeasures. Our results show that ADLA can provide improved leakage-detection sensitivity in protected implementations for a low number of traces compared to TVLA.