Despite the profound and transformative changes brought about by the advent of technology, a cybersecurity attack is one of the major setbacks. By analyzing a computer program’s activity, such as how much time it spends accessing the computer’s memory, an experienced hacker can discover sensitive information, such as a password.
Many real-world systems cannot support security measures that totally prevent these “side-channel attacks” due to their high computing costs. Instead, engineers frequently employ so-called obfuscation strategies, which aim to reduce but not completely erase an attacker’s capacity to discover hidden information.
To help engineers and scientists better understand the effectiveness of different obfuscation schemes from these attackers, MIT researchers created a framework to quantitatively evaluate how much information an attacker could learn from a victim program with an obfuscation scheme in place.
Metior: A New Tool to Evaluate Cybersecurity Attack
Their framework, called Metior, allows the user to study how different victim programs, attacker strategies, and obfuscation scheme configurations affect the amount of sensitive information that is leaked. The framework could be used by engineers who develop microprocessors to evaluate the effectiveness of multiple security schemes and determine which architecture is most promising early in the chip design process.
“Metior helps us recognize that we shouldn’t look at these security schemes in isolation. It is very tempting to analyze the effectiveness of an obfuscation scheme for one particular victim, but this doesn’t help us understand why these attacks work. Looking at things from a higher level gives us a more holistic picture of what is actually going on,” says Peter Deutsch, the lead author of an open-access paper on Metior.
They had previously created CaSA, a tool to estimate the volume of data exposed by a specific kind of obfuscation strategy. However, they had higher expectations for Metior. The goal of the team was to create an all-encompassing model that could be applied to assess any obfuscation strategy, even those that haven’t yet been created.
They created Metior to map the flow of information through an obfuscation system into random variables in order to accomplish that purpose. For instance, the model creates a mathematical description of how a victim and attacker access shared memory structures on a computer chip.
Weon Taek Na, a graduate student in electrical engineering and computer science at MIT, Joel Emer, an MIT professor of the practice in computer science and electrical engineering, and senior author Mengjia Yan, the Homer A. Sloan Professor of Electrical Engineering, are among the authors of the research study that was presented at the International Symposium on Computer Architecture.
How Metior is Analyzing the Amount of Data Attackers Can Steal
The framework, One Metior, uses methods from information theory to comprehend how an attacker might be able to get information from a victim. With those components in place, Metior can calculate the likelihood that an attacker will correctly guess the victim’s confidential information.
To evaluate attack tactics and examine information loss from cutting-edge obfuscation systems, they used Metior in three case studies. Through their analyses, they learned how Metior can spot intriguing behaviors that weren’t previously fully understood.
As an illustration, a previous investigation found that a particular kind of side-channel attack known as probabilistic prime and probe was successful because this complex assault involves a first stage where it profiles a victim system to comprehend its defenses.
With the aid of Metior, they demonstrate that this sophisticated approach actually performs no worse than a straightforward, generic attack and that it makes use of several victim behaviors not previously recognized by researchers.
