TC: Medium: Exploiting Multicore and Hardware Acceleration to Perform Efficient Behavior-Based Attack Detection and Repair

TC：中：利用多核和硬件加速执行高效的基于行为的攻击检测和修复

• 批准号: 1065112
• 负责人: David Brumley
• 金额: $ 114.02万
• 依托单位: Carnegie-Mellon University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2011
• 资助国家: 美国
• 起止时间: 2011-09-01 至 2016-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1065112&HistoricalAwards=false
• 关键词: TC; Medium; Exploiting; Multicore; Hardware

This research investigates techniques to efficiently detect the first exploit against an unknown vulnerability on a user system, and then safely heal the system against further attacks. The research uses dynamic analysis -- the ability to monitor code as it executes -- because it can be used to check safety and security properties of actual executions and make sure that each step of the execution is safe. However, existing dynamic analysis techniques are far too slow for end users, and currently do not help user systems self-heal. This research investigates techniques to overcome these limitations by developing efficient dynamic analysis techniques, as well as techniques for diagnosing the root cause of an exploited vulnerability, repairing any damage done, and defending the system against further attacks.

这项研究研究了有效检测到用户系统上未知漏洞的第一个利用的技术，然后安全地治愈系统，以防止进一步的攻击。 该研究使用动态分析 - 执行时监视代码的能力 - 因为它可用于检查实际执行的安全性和保障属性，并确保执行的每个步骤都是安全的。 但是，对于最终用户而言，现有的动态分析技术太慢了，目前无助于用户系统自我修复。 这项研究研究了通过开发有效的动态分析技术来克服这些局限性的技术，以及诊断被剥削脆弱性的根本原因，修复所做的任何损害并为系统辩护，以防止进一步攻击。