Original Source Here
‘MORPHEUS’ chip lives up to its reputaiton of being “unhackable”
Pitted against 525 hackers in a 3-month long bug bounty program by DARPA, the next-gen tech was able to ward off every attack
Cybersecurity continues to be an ever-pressing challenge in the tech world. Security researchers seem to be in a race against time to patch the vulnerabilities that keep popping up ever so often these days. And they seem to be losing the game, as was evident from the recent cyberattack on JBS — the largest meat producer in the world. Although the company seems to be resuming operations after the ransomware attack, it saw the Brazil-based meat processor’s various plants in the U.S, Canada & Australia go offline. And the culprit was yet again a Russian-speaking gang called REvil.
The spate of high-profile attacks that we have already seen this year points to the fact that we now need a new approach to tackle this massive problem — the conventional bugs-and-patches paradigm is just not working out. If we are ever able to catch up to this problem, we need to follow a more dynamic approach. Apart from good cybersecurity practices, we should have a hardware component addressing the issues as well. Otherwise adding more code to the current software would always present hackers with an opportunity to find additional vulnerabilities.
This is where Defense Advanced Research Projects Agency (DARPA)-backed ‘MORPEHUS’ technology shows the way. Originally earmarked in 2017 to tackle the growing problem of Cybersecurity, the project is now coming to fruition. The “unhackable” computer chip developed by computer science researchers at the University of Michigan — previously tested in the lab for its security robustness, MORPHEUS was recently exposed to a group of skilled cybersecurity researchers from around the globe.
“I’m excited to see how MORPHEUS evolves now that it has proven itself in FETT… We are adapting the technology to protect the most sensitive data in the cloud, including medical and genomic data, biometrics and financial credentials.”
~ Todd Austing, Study Team Lead
Pitted against 525 professionals in the field, MORPHEUS was able to weather the attacks without a single successful attempt. The 3-month virtual bug bounty program organized by DARPA in collaboration with the Department of Defense’s Defense Digital Service (DDS) and Synack and was dubbed as FETT (Finding Exploits to Thwart Tampering) — running through Jun. to Aug. 2020, the program tested various other technologies from MIT, Cambridge & Lockheed Martin, among others.
The success of MORPHEUS tech lies in its departure from the traditional security technique of finding and eliminating software bugs periodically. This ensures that you stay ahead of the hackers. MORPHEUS works by reconfiguring key bits of its code and data dozens of times per second, turning any vulnerabilities into dead ends for hackers. According to the Team Lead, You can compare this to a Rubik’s Cube that rearranges itself every time you blink.
For FETT, the MORPHEUS architecture was built into a computer system that housed a mock medical database; computer experts were invited to try to breach it remotely. MORPHEUS was the second-most popular target of the seven processors evaluated under FETT. While it may seem like a security fortress for hackers, MORPHEUS is transparent to software developers and end-users — on randomizing bits of data known as “undefined semantics.”
Undefined semantics include the location, format, and content of program code. Legitimate programmers don’t generally interact with these basic components of the processor machinery, but nefarious players can reverse-engineer them to uncover vulnerabilities. Utilizing what the researchers call “encryption and churn,” the MORPHEUS chip encrypts the data while churn re-randomizes it in real-time to stay ahead of the hacker attacks.
Under normal circumstances, the churn rate is kept low to optimize the system performance, but once a would-be hacker exercises an undefined semantic in an attempted attack, the churn rate spikes to stop them from progressing any further. After the conclusion of the challenge, MORPHEUS is progressing through a U-M spin-off, Agita Labs, to evolve into a real-world cybersecurity solution.
Although futurists envision quantum tech to finally solve our cybersecurity problems, MORPHEUS certainly seems to be the closest thing to a future-proof secure system. The end to “patch & pray” might be within our reach.
Complete Research was published in the ACM Digital Library.
Stay informed with the content that matters — Join my mailing list
Trending AI/ML Article Identified & Digested via Granola by Ramsey Elbasheer; a Machine-Driven RSS Bot