TC: Medium: Collaborative Research: Securing Concurrency in Modern Systems

TC：媒介：协作研究：确保现代系统中的并发性

• 批准号: 0905177
• 负责人: Jedidiah Crandall
• 金额: $ 40万
• 依托单位: University of New Mexico
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-01 至 2013-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0905177&HistoricalAwards=false
• 关键词: TC; Medium; Collaborative; Research; Securing

This award is funded under the American Recovery and Reinvestment Act of 2009 (Public Law 111-5). Concurrency-related vulnerabilities are pervasive in modern computing systems. Concurrency exploits include time-of-check-to-time-of-use (TOCTTOU) race conditions in file systems, attacks on signal handlers, and evasive malware that uses concurrency to escape sandboxing mechanisms. As processors feature ever more parallelism, and computers process more of our sensitive data, defending against concurrency attacks is a key challenge for the coming decade. The first goal is to protect legitimate applications from concurrency attacks when they access system resources (e.g., prevent TOCTTOU attacks on file accesses and exploitable race conditions in signal handlers). The objective is to provide application programmers with mechanisms and policies for synchronizing access to system resources so they can avoid unintentional vulnerabilities. The second goal is to provide strong confinement of untrusted code in the presence of concurrency, i.e., blocking intentionally malicious behavior. Today's malware abuses concurrency mechanisms to bypass and circumvent containment mechanisms like reference monitors and system call wrappers. Providing robust system support for containing malicious code is a critical challenge in intrusion detection and prevention. Modern computing systems fundamentally depend on concurrency for their performance and functionality. Making sure that concurrency is used securely is essential for building a trusted cyber infrastructure. This research will have a significant impact on the practical development of secure software, and enable security-critical applications to realize the performance benefits of today's highly parallel systems.

该奖项是根据2009年《美国复苏与再投资法》（公法111-5）资助的。与并发相关的漏洞在现代计算系统中普遍存在。并发利用包括文件系统中的检查时间（TOCTTOU）竞赛条件，对信号处理程序的攻击以及使用并发来逃避沙盒机制的回避恶意软件。随着处理器具有越来越多的并行性，计算机处理更多的敏感数据，防御并发攻击是未来十年的关键挑战。第一个目标是在访问系统资源时保护合法应用程序免受并发攻击（例如，防止信号处理程序中的focttou攻击和可利用的种族条件）。目的是为应用程序程序员提供同步对系统资源访问的机制和政策，以避免无意识的脆弱性。第二个目标是在存在并发存在的情况下强烈限制不受信任的代码，即阻止故意恶意行为。当今的恶意软件滥用并发机制，绕过和绕过围栏机制，例如参考监视器和系统调用包装器。为包含恶意代码提供强大的系统支持是入侵检测和预防方面的关键挑战。现代计算系统从根本上取决于其性能和功能的并发。确保并发安全使用对于构建可信赖的网络基础设施至关重要。这项研究将对安全软件的实际开发产生重大影响，并使关键安全应用程序能够实现当今高度平行系统的性能优势。