Researchers at the Massachusetts Institute of Technology (MIT) have introduced a new framework called Metior, which enables the quantitative evaluation of the effectiveness of different obfuscation schemes in cybersecurity.
Obfuscation schemes are employed to limit attackers’ ability to obtain sensitive information through side-channel attacks, where hackers observe a program’s behavior to gain secret data, such as passwords. Complete blocking of side-channel attacks is very expensive and impractical for real-world systems, prompting the use of obfuscation schemes that aim to restrict, and not completely eliminate, an attacker’s access to confidential information.
Metior provides a comprehensive assessment of the amount of information an attacker could potentially learn from a victim program protected by an obfuscation scheme. By studying various factors such as victim programs, attacker strategies, and obfuscation scheme configurations, engineers and scientists can determine the extent of leaked sensitive information.
“Metior helps us recognize that we shouldn’t look at these security schemes in isolation,” Peter Deutsch, an MIT graduate student and lead author of an open-access paper on Metior said. “It is very tempting to analyze the effectiveness of an obfuscation scheme for one particular victim, but this doesn’t help us understand why these attacks work. Looking at things from a higher level gives us a more holistic picture of what is actually going on.”
Through three case studies, Metior was applied to compare attack strategies and analyze the leakage of information from state-of-the-art obfuscation schemes. The evaluations yielded new insights, challenging previous assumptions about the effectiveness of certain attack methods.
“Moving forward, the researchers want to continue enhancing Metior so the framework can analyze even very complicated obfuscation schemes in a more efficient manner,” a post on MIT’s news page read. “They also want to study additional obfuscation schemes and types of victim programs, as well as conduct more detailed analyses of the most popular defenses.”
Metior is funded by the National Science Foundation, the MIT RSC Research Fund, the Air Force Office of Scientific Research, and Intel.