CAREER: A Quantitative Framework for Analyzing and Mitigating Microarchitectural Side Channels

Microarchitectural side-channel attacks that breach processor security and broadly affect computer systems have become one of the major security threats. Those attacks exploit the fact that software, when executing on modern processors, leaves traces on microarchitecture structures, and the traces can reveal private user information. Current defenses against microarchitectural side-channel attacks aim to reduce information leakage but unavoidably incur performance overhead, because they lose the capability of fully exploiting performance optimizations in computing systems.

This project will develop a toolset to enable productive trade-offs between security and performance in mitigating microarchitectural side-channel attacks.

The project tackles fundamental research problems in designing, evaluating, and using channel obfuscation techniques. The technical approach is to frame microarchitectural side channels, a computer architecture security problem, as a communication problem, and constructs quantitative channel models for microarchitectural structures. The first project thrust constructs the quantitative channel models, characterizing and quantifying the impacts of complex hardware events.

The second thrust uses the channel models to measure the information leakage of the applications running on obfuscated architectures. The third thrust explores co-design channel obfuscation techniques with existing mitigation and detection solutions.

The project will develop a toolset to mitigate microarchitectural side-channel attacks efficiently. The toolset can benefit a wide range of people who design, manage, and use computing systems, including computer architects, system administrators, and software developers. In addition, this project will initiate an effort on course offerings in the area of hardware security at Massachusetts of Technology.

This project will also offer research opportunities to undergraduate students and under-represented minorities.

This project will store all publications, code, and data-sets on public-facing websites, hosted at Massachusetts of Technology for at least 3-years after the end of the project. This information will be made available via commercial websites. Links to these websites will be mirrored at http://people.csail.mit.edu/mengjia/projects.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.