Side-channel based instruction disassembly has been proposed as a low-cost and non-invasive approach for security applications such as IP infringement detection, code flow analysis, malware detection, and reconstructing unknown code from obsolete systems. However, existing approaches to side-channel based disassembly rely on setups to collect and process side-channel traces that make them impractical for real-time applications. In addition, they rely on fixed classifiers that cannot adapt to statistical deviations in side-channels caused by different operating environments. In this article, we advance the state of the art in side-channel based disassembly in multiple ways. First, we introduce a new miniature platform, RASCv3, that can simultaneously collect power and EM measurements from a target device and subsequently process them for instruction disassembly in real time. Second, we devise a new approach to combine and select features from power and EM traces using information theory that improves classification accuracy and avoids the curse of dimensionality. Third, we explore covariate shift adjustment techniques that further improve accuracy over time and in response to statistical changes. The proposed methodology is demonstrated on six benchmarks, and the recognition rates of offline and real-time instruction disassemblers are compared for single- and multi-modal cases with a variety of classifiers and over time. Since the proposed approach is only applied to an 8-bit Arduino UNO, we also discuss challenges of extending to more complex targets.

翻译：基于侧信道的指令反汇编已被提出作为一种低成本、非侵入性的安全应用方法，适用于知识产权侵权检测、代码流分析、恶意软件检测以及从过时系统重建未知代码等场景。然而，现有的基于侧信道的反汇编方法依赖于收集和处理侧信道迹线的设置，这使其难以应用于实时场景。此外，这些方法依赖于固定的分类器，无法适应由不同操作环境引起的侧信道统计偏差。本文从多个方面推进了基于侧信道的指令反汇编技术发展。首先，我们引入了一个新型微型平台RASCv3，该平台能够同时从目标设备采集功耗和电磁测量数据，并实时处理这些数据以实现指令反汇编。其次，我们设计了一种基于信息论的新方法，用于融合和选择来自功耗与电磁迹线的特征，从而提高分类精度并避免维度灾难。第三，我们探索了协变量偏移调整技术，该技术能随时间推移并响应统计变化进一步提升精度。所提出的方法在六个基准测试上进行了验证，并针对单模态与多模态场景，比较了离线与实时指令反汇编器在不同分类器下及随时间变化的识别率。由于所提方法目前仅应用于8位Arduino UNO平台，本文还讨论了将其扩展至更复杂目标所面临的挑战。