
arxiv: 1907.04428 · v1 · pith:5BN4ZPVXnew · submitted 2019-07-09 · 💻 cs.CR · cs.LG

Application Inference using Machine Learning based Side Channel Analysis

Pith reviewed 2026-05-25 00:05 UTC · model grok-4.3

classification 💻 cs.CR cs.LG
keywords side channel · machine learning · application inference · DVFS · Android security · frequency states · EM side-channel · malware detection

The pith

Supervised learning on CPU frequency states identifies known Android apps and detects unknowns with at least 85% accuracy

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This paper establishes that machine learning applied to instantaneous frequency states from the cpufreq driver can infer which applications are running on an Android platform. It demonstrates that these states alone allow identification of known applications and flagging of unknown ones at 85 percent accuracy or better. The approach uses features from electromagnetic emissions and dynamic voltage frequency scaling, but shows frequency states suffice for the inference. A sympathetic reader would care because it reveals a simple software-accessible side channel for monitoring app execution without requiring physical access or complex profiling. The work uses benchmarking applications on an ARMv8 processor.

Core claim

The paper claims that learning the instantaneous frequency states polled from the onboard frequency driver (cpufreq) is adequate to identify a known application and flag potentially malicious unknown applications, with experimental results showing at least 85% accuracy in detecting unknown applications on a Snapdragon 820 board.

What carries the argument

The instantaneous frequency states from the cpufreq driver used as features in a supervised learning model for application classification.

If this is right

  • Benchmarking applications can be detected early from their frequency-state patterns.
  • A machine-learning-based approach is effective at exploiting multi-dimensional features on complex SoCs.
  • Unknown applications can be flagged as potentially malicious with high accuracy.
  • The frequency-state pattern of a CPU core offers a low-complexity path to application inference attacks.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • This could mean that apps or the OS could monitor other apps' behavior using only user-level accessible data.
  • Similar frequency-based inference might work on other DVFS-enabled devices beyond Android.
  • Restricting access to cpufreq information might reduce the risk of such inferences.
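
As a defender's check on the last point above, the following added example (not code from the paper or from Pith) audits which cpufreq frequency-state nodes are readable by any unprivileged process. It assumes the standard Linux cpufreq sysfs layout and inspects file mode bits only; on Android, SELinux policy also gates access and is not evaluated here. The sample tree is constructed for offline use.

```python
import os
import stat
import tempfile
from pathlib import Path

# Standard Linux cpufreq sysfs attributes that expose current or historical
# frequency state for a policy (a group of cores sharing one clock).
FREQ_STATE_ATTRS = ("scaling_cur_freq", "cpuinfo_cur_freq",
                    "stats/time_in_state", "stats/trans_table",
                    "stats/total_trans")


def audit_cpufreq(cpu_root="/sys/devices/system/cpu"):
    """Return sorted (path, octal mode) pairs for frequency-state nodes whose
    mode grants read access to 'other', i.e. to any unprivileged process."""
    root = Path(cpu_root)
    # A policy is reachable as cpuN/cpufreq (usually a symlink) and as
    # cpufreq/policyN; resolve both so each node is reported once.
    policies = {p.resolve() for pattern in ("cpu[0-9]*/cpufreq",
                                            "cpufreq/policy[0-9]*")
                for p in root.glob(pattern)}
    findings = []
    for policy in policies:
        for attr in FREQ_STATE_ATTRS:
            try:
                mode = (policy / attr).stat().st_mode
            except OSError:
                continue  # attribute not provided by this driver/kernel
            if stat.S_ISREG(mode) and mode & stat.S_IROTH:
                findings.append((str(policy / attr), oct(stat.S_IMODE(mode))))
    return sorted(findings)


def build_sample_tree(base):
    """Constructed stand-in for sysfs so the audit can run offline."""
    policy = Path(base) / "cpufreq" / "policy0"
    (policy / "stats").mkdir(parents=True)
    for rel, mode in (("scaling_cur_freq", 0o444), ("cpuinfo_cur_freq", 0o400),
                      ("stats/time_in_state", 0o444)):
        (policy / rel).write_text("0\n")
        (policy / rel).chmod(mode)
    for cpu in ("cpu0", "cpu1"):  # two cores sharing policy0
        (Path(base) / cpu).mkdir()
        os.symlink("../cpufreq/policy0", Path(base) / cpu / "cpufreq")
    return base


if __name__ == "__main__":
    for label, root in (("sample", build_sample_tree(tempfile.mkdtemp())),
                        ("host", "/sys/devices/system/cpu")):
        for path, mode in audit_cpufreq(root):
            print(f"[{label}] world-readable {mode}: {path}")
```

Any path it reports is a node that an unprivileged process could poll, so each finding is a candidate for tighter file modes or access policy.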

Load-bearing premise

The patterns in frequency states from cpufreq are distinctive enough between different applications and stable enough across different executions to support accurate machine learning classification and generalization to new apps.

What would settle it

Collecting frequency state traces from multiple separate runs of the same known apps and new unknown apps, then training on some and testing accuracy on others to see if it drops below 85% for unknown detection.

Figures

Figures reproduced from arXiv: 1907.04428 by Arvind Singh, Monodeep Kar, Nikhil Chawla, Saibal Mukhopadhyay.

Figure 1: (a) Dynamic voltage frequency scaling algorithms can be a critical
Figure 2: Pre-processing and feature extraction from the raw measured traces for (a) DVFS and (b) EM signatures followed by building ML-based models and
Figure 3: (a) Measurement Setup details to capture DVFS and EM-signatures (b) Open-Q APQ8096 System-on-Module development platform for characterization.
Figure 4: Detection time for applications with (a) SVM inference model and (b) RF inference model using features from DVFS and EM side channel
Figure 5: Cumulative Detection time for all applications with SVM inference
Figure 6: Average Accuracy for Known and Unknown applications, at different
Original abstract

The proliferation of ubiquitous computing requires energy-efficient as well as secure operation of modern processors. Side channel attacks are becoming a critical threat to security and privacy of devices embedded in modern computing infrastructures. Unintended information leakage via physical signatures such as power consumption, electromagnetic emission (EM) and execution time have emerged as a key security consideration for SoCs. Also, information published on purpose at user privilege level accessible through software interfaces results in software only attacks. In this paper, we used a supervised learning based approach for inferring applications executing on android platform based on features extracted from EM side-channel emissions and software exposed dynamic voltage frequency scaling(DVFS) states. We highlight the importance of machine learning based approach in utilizing these multi-dimensional features on a complex SoC, against profiling-based approaches. We also show that learning the instantaneous frequency states polled from onboard frequency driver (cpufreq) is adequate to identify a known application and flag potentially malicious unknown application. The experimental results on benchmarking applications running on ARMv8 processor in Snapdragon 820 board demonstrates early detection of these apps, and atleast 85% accuracy in detecting unknown applications. Overall, the highlight is to utilize a low-complexity path to application inference attacks through learning instantaneous frequency states pattern of CPU core.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 1 minor

Summary. The paper presents a supervised machine learning approach to infer applications executing on an Android platform by extracting features from electromagnetic (EM) side-channel emissions and software-exposed dynamic voltage frequency scaling (DVFS) states via the cpufreq driver. It claims that instantaneous frequency states polled from cpufreq alone are adequate to identify known applications and flag potentially malicious unknown applications, with experimental results on benchmarking applications running on an ARMv8 Snapdragon 820 processor showing early detection and at least 85% accuracy in detecting unknown applications.

Significance. If the results hold after proper validation, the work would demonstrate a low-complexity, software-accessible side channel for application inference on modern SoCs, highlighting the security risks of exposed DVFS interfaces and the advantage of ML-based multi-dimensional feature analysis over traditional profiling methods.

major comments (2)
  1. [Abstract] The central claim of at least 85% accuracy for unknown-application detection is reported without any details on dataset size, cross-validation method, feature extraction, model architecture, or environmental noise handling, so the claim cannot be assessed from the provided information.
  2. [Abstract] The assertion that cpufreq frequency states form app-specific signatures sufficient for both known-app identification and unknown-app flagging does not include workload-matched controls; without evidence that traces are driven by application identity rather than instantaneous CPU load or thread mix, the generalization to unknown binaries remains unverified.
minor comments (1)
  1. [Abstract] 'atleast' should be written as 'at least'.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive feedback on the abstract. We will revise the manuscript to address the concerns about methodological transparency and the specificity of cpufreq signatures, while preserving the core contributions on low-complexity side-channel inference.

Point-by-point responses

  1. Referee: [Abstract] The central claim of at least 85% accuracy for unknown-application detection is reported without any details on dataset size, cross-validation method, feature extraction, model architecture, or environmental noise handling, so the claim cannot be assessed from the provided information.

    Authors: The abstract is a concise summary; full details appear in Sections 3 (feature extraction from EM and cpufreq traces) and 4 (experimental setup, including dataset collection on Snapdragon 820, model training, and validation). To make the central claim assessable directly from the abstract, we will revise it to briefly note the key parameters (e.g., dataset scale, cross-validation approach, and noise mitigation via controlled lab conditions) without exceeding length limits.

    Revision: yes

  2. Referee: [Abstract] The assertion that cpufreq frequency states form app-specific signatures sufficient for both known-app identification and unknown-app flagging does not include workload-matched controls; without evidence that traces are driven by application identity rather than instantaneous CPU load or thread mix, the generalization to unknown binaries remains unverified.

    Authors: We agree that distinguishing application identity from workload effects is important. The manuscript uses diverse benchmarking workloads with varying CPU demands, and the supervised model learns temporal frequency-state sequences that differentiate apps even under similar average loads. We will add a paragraph in the revised discussion section clarifying this distinction based on the observed trace patterns and will include workload-matched controls as additional supporting evidence.

    Revision: partial

Circularity Check

0 steps flagged

No circularity: purely experimental ML results with no derivation chain

Full rationale

The paper presents an experimental study using supervised ML on EM emissions and cpufreq DVFS states to classify known applications and detect unknowns at >=85% accuracy. No mathematical derivations, equations, or first-principles claims are present in the abstract or described methodology. Results are reported directly from benchmarking runs on Snapdragon 820 hardware without any fitted parameters renamed as predictions, self-definitional constructs, or load-bearing self-citations. The central claim rests on empirical accuracy metrics rather than any reduction to inputs by construction, making the work self-contained against external benchmarks.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

No explicit free parameters, axioms, or invented entities are described in the abstract; the work relies on standard supervised learning assumptions and the unstated premise that side-channel features are informative.
