Ghada Dessouky.

Technische Universität Darmstadt

Ghada Dessouky is a PhD candidate and research assistant at the Systems Security Lab, at the Technical University of Darmstadt, advised by Prof. Ahmad-Reza Sadeghi. Her research interests include hardware-assisted security architectures, secure microarchitecture design, trusted execution environments, and open-source hardware, with published results in top-tier security and hardware design conferences. Ghada has received her Master’s in embedded systems engineering from the University of Stuttgart and her Bachelor’s from the German University in Cairo, Egypt. She is a recipient of 2 DAAD scholarship awards in 2009 and 2012-2013, as well as an ACM student travel grant in 2017.

Research Abstract:

In today’s ubiquitously digitalized and interconnected world, efficiently communicating, processing and storing information on our computing platforms, while preserving the security and privacy of the pertinent information, is a growing and increasingly challenging concern. This is, in part, because comprehensively verifying that our highly complex systems are trustworthy and free of flaws is virtually impossible. More concretely, widespread use of memory unsafe programming languages (e.g., C and C++) leaves many systems vulnerable to memory corruption vulnerabilities that can be exploited at run-time to maliciously hijack the execution of the software. Different defenses have been proposed in recent years to mitigate these attacks, however, they are software-based themselves and thus require exhaustive security verification. They also impose prohibitive performance overheads and may require software instrumentation.

One approach to reduce the trusted computing base (TCB) and provide more efficient security defenses is to rely on hardware as a root of trust. In the first part of our work, we explored using hardware support and processor extensions to enable more efficient hardware-assisted mitigation for run-time attacks. Our hardware extensions monitor and record the software execution at run-time to detect control-flow attacks, data-oriented attacks, and physical memory manipulation attacks. More recently, we also developed a hardware-assisted configurable defense that can be configured at run-time to adapt to different adversarial threats. Our work leverages open-source hardware, namely RISC-V, to extend the architecture and open-source processor implementations. On further leveraging hardware for security, we have also shown how open-source and industry-standard hardware synthesis tools can be used to create optimized Boolean circuits that are customized for different secure computation protocols in an efficient and automated way.

More recently, we have witnessed an outbreak of cross-layer and microarchitectural attacks, such as Spectre and Meltdown, where both hardware and software bugs are exploited to mount increasingly sophisticated attacks. This represents a major paradigm shift in system security, where software-only vulnerabilities were always assumed and that the underlying hardware is trusted and bug-free. Thus, these attacks motivated us to question the security of hardware design and implementation in general, and so we organized the largest international hardware security competition Hack@DAC in 2018 and 2019 to investigate the nature of hardware bugs and the effectiveness of their detection techniques. Our findings were alarming and revealed some fundamental limitations in existing techniques to detecting subtle hardware security flaws. On the microarchitectural front, we have also investigated alternative approaches to designing more secure microarchitecture components, with a focus on caches. Shared caches have been exploited by many recent attacks to infer private information from their inherent side-channel leakage. We have recently developed a secure and flexible cache microarchitecture design that provides a configurable performance-security trade-off by providing side-channel-resilience only for trusted execution, while preserving unaffected cache performance for the rest of execution. We are currently also investigating and integrating improved cache designs to open-source RISC-V processors.