Computer science assistant professor wins $534,595 NSF award to study ’side-channel’ hacker attacks
Security problems arise when CPUs and GPUs share resources on the same system
As our mobile devices and laptops get smaller and faster, the processing hardware inside often needs to share the built-in memory and other resources to provide optimal performance and energy efficiency.
The problem: Sometimes that sharing can allow hackers another way into your personal data.
Preventing these kinds of attacks has been a focus for Hoda Naghibijouybari, an assistant professor in the Department of Computer Science at Binghamton University’s Thomas J. Watson College of Engineering and Applied Science.
“My research looks at the intersection of computer architecture and system security,” she said. “So when systems evolve and improve, I explore the security aspect of these changes.”
She recently received a $534,595 grant from the National Science Foundation to study side-channel attacks, which happen when a malicious application can extract sensitive information from other applications running on the same system.
Modern computing systems use both a conventional central processing unit (CPU) as well as a graphics processing unit (GPU) — a heterogeneous design that works in tandem for multimedia and computing capabilities.
When an application needs a lot of computational power, the GPU works in parallel and can do the task very, very fast — up to 100 times faster than the CPU. The GPU has thousands of simple cores, and programmers can assign one essential small task to each of these cores.
In mobile devices and laptops, the CPU and GPU are tightly integrated and share some hardware resources like memory for efficient and fast data transfer. However, if a malicious application is running on one processor, it can launch an attack on another application running on the other processor, allowing a hacker to gain sensitive information about a user’s activities through shared resources.
These attacks are dangerous because they bypass built-in protections that focus on only the CPU or the GPU, Naghibijouybari said: “A user can be browsing the web, and the hacker’s application running on the GPU can monitor what websites they are visiting, or it can steal a password when the user is typing it.”
For the NSF grant, she has three main goals:
- Investigate side-channel attacks across components such as CPUs and GPUs in native apps on the mobile devices, laptops and personal computers.
- Investigate similar threats on web browsers, because Chrome, Firefox and other major browsers also rely on GPUs to run efficiently. Hackers can launch a remote attack on the GPU to steal passwords, web histories or similar sensitive information.
- Propose ways to defend against both kinds of attacks. If applications can be isolated to either the CPU or the GPU, they cannot communicate using the shared resources, thus thwarting hackers.
“Cross-component side-channel attacks have not been explored before. If we don’t address and solve these problems on modern systems, side-channel attacks will continue and threaten everyone’s privacy, so I think it’s really important for NSF to fund,” Naghibijouybari said.
The SF grant is titled “Microarchitectural side channel attacks and defenses in integrated CPU-GPU systems” (award #2130978).