"Thinking like a Cyber-Attacker to Protect User Data"

According to MIT researchers, a component of computer processors that connects different parts of the chip can be exploited by malicious agents seeking to steal secret information from programs running on the computer. Modern computer processors contain a large number of computing units known as cores that share the same hardware resources. The component that allows these cores to communicate with one another is the on-chip interconnect. However, when programs on multiple cores run simultaneously, they can delay each other when using the interconnect to send data across the chip at the same time. A malicious agent could conduct a side-channel attack and reconstruct secret information stored in a program, such as a cryptographic key or password, by monitoring and measuring these delays. MIT researchers reverse-engineered the on-chip interconnect to investigate how such an attack could be carried out. Based on their findings, they created an analytical model of how traffic flows between processor cores, which they used to design and execute effective side-channel attacks. Then they developed two mitigation strategies that allow a user to improve security without physically altering the computer chip. The researchers hope that their approach with this analytical model will encourage more systematic and robust defenses that eliminate entire classes of attacks at once. This article continues to discuss the MIT researchers' study on the vulnerability of a component of computer processors to attacks from malicious agents, as well as the mitigation mechanisms they developed. 

MIT News reports "Thinking like a Cyber-Attacker to Protect User Data"