CYBERSECURITYThinking Like a Cyber-Attacker to Protect User Data
Researchers found that an understudied component of computer processors is susceptible to attacks from malicious agents. Then, they developed mitigation mechanisms.
A component of computer processors that connects different parts of the chip can be exploited by malicious agents who seek to steal secret information from programs running on the computer, MIT researchers have found.
Modern computer processors contain many computing units, called cores, which share the same hardware resources. The on-chip interconnect is the component that enables these cores to communicate with each other. But when programs on multiple cores run simultaneously, there is a chance they can delay one another when they use the interconnect to send data across the chip at the same time.
By monitoring and measuring these delays, a malicious agent could conduct what is known as a “side-channel attack” and reconstruct secret information that is stored in a program, such as a cryptographic key or password.
MIT researchers reverse-engineered the on-chip interconnect to study how this kind of attack would be possible. Drawing on their discoveries, they built an analytical model of how traffic flows between the cores on a processor, which they used to design and launch surprisingly effective side-channel attacks. Then they developed two mitigation strategies that enable a user to improve security without making any physical changes to the computer chip.
“A lot of current side-channel defenses are ad hoc — we see a little bit of leakage here and we patch it. We hope our approach with this analytical model pushes more systematic and robust defenses that eliminate whole classes of attacks at the same time,” says co-lead author Miles Dai, MEng ’21.
Dai wrote the paper with co-lead author Riccardo Paccagnella, a graduate student at the University of Illinois at Urbana-Champaign; Miguel Gomez-Garcia ’22; John McCalpin, a research scientist at Texas Advanced Computing Center; and senior author Mengjia Yan, the Homer A. Burnell Career Development Assistant Professor of Electrical Engineering and Computer Science (EECS) and a member of the Computer Science and Artificial Intelligence Laboratory (CSAIL). The research is being presented at the USENIX Security Conference.
