Nowadays, it is very common to share a computer with others, especially if you do
computation in the cloud or even on your own mobile device
said senior author Mengjia Yan. "
Through these shared resources, an attacker can seek out even very fine-grained information"
There are several ways a malicious program can target
shared memory to access sensitive information
The team focused on a solution to foil contention attacks—
when the malicious program tries to access memory hardware at the same time as another program
"The attacker is poking at the memory controller, the library door, to say,
'is it busy now?
'" said co-author Joel Emer. "If they get blocked because the library door is opening already
because the victim program is already using the
—they are going to get delayed.
The researchers developed a scheme that uses a graph structure, known as a directed
acyclic graph, or DAG, to process requests and submit the requests to the memory
controller on a fixed schedule
The structure allows memory hardware to be shared among programs securely.
The team named the security scheme DAGguise.