Cutting Off the MAP: Helping to Build More Secure, High-Performance Computer Systems
Funding from the National Science Foundation will allow Rujia Wang, assistant professor of computer science at Illinois Institute of Technology, to conduct research that will hinder attacks on computer architecture and improve computing security and performance.
Attackers don’t always directly access information and data. Many analyze memory access patterns (MAP) to extrapolate information and data instead. By examining patterns in user data access, attackers can infer valuable information.
Wang will pursue a project titled “Practical Memory Access Pattern Obfuscation with Algorithms, Application, and Architecture Co-designs” to integrate hardware architecture, software infrastructure, and application-level algorithm design to improve system security with the $500,000 grant.
“We’re trying to develop defense mechanisms that can protect the computer system from side-channel attacks coming from the memory access pattern,” Wang says.
Attackers can gain the ability to see what files are being accessed, what applications are being run, and the hardware used to run the application through MAP observations. The attackers can then develop their own algorithm to reverse engineer the data being used to gain private information, or attack the computer system at the micro-architectural level.
MAP obfuscation techniques are used to keep attackers guessing as to what data is being accessed. When a user opens a folder, the obfuscation program will open a number of other folders as well to mask what files are being searched. Wang says these programs will open hundreds of other files to hide the file being sought. These techniques also relocate opened files to another part of the memory.
Wang says these methods are slow and make it difficult to find the data that users need.
“It works, but it is very costly,” she says. “These methods incur a lot of overhead.”
Some research in areas such as deep neural networks and high-performance computing requires accessing massive amounts of data, and from multiple sources. If MAP obfuscating is accessing hundreds of data files when a researcher needs one, it can require a a lot of time accessing the data they need.
Wang says her research will develop new techniques that will reduce the time it takes to collect the data needed to run massive data sets. It will do so while maintaining security to the computing system by combining MAP obfuscation through protection at the software and hardware levels.
“The goal is to keep MAP secure without applying as much overhead—to make it more practical,” Wang says. “We have some encouraging initial results that will help push this direction further.”