The author provides a detailed explanation of side-channel attacks and website fingerprinting, using examples and interactive demos. He also discusses his final project at MIT, where he replicated a study by Shusterman et al. on website fingerprinting, and found that he could reliably classify up to 100 websites. The author concludes by reflecting on the impact of the research on his academic and professional trajectory.
Key takeaways:
- The author presented a research paper at ISCA on a machine-learning-assisted side-channel attack, which won awards and recognition, including first place in Intel’s 2024 Hardware Security Academic Award.
- The paper demonstrated for the first time that system interrupts, a low-level mechanism that operating systems use to interact with hardware devices, can leak information about user activity.
- The research paper also highlighted the dangers of applying machine learning toward hardware security research, a lesson that the author believes is widely applicable, even outside of hardware security research.
- The author also discussed the concept of website fingerprinting, where one website attempts to identify the website open in another tab by taking advantage of a widely-studied side channel: the CPU cache.