CRII: SaTC: Analyzing and verifying the security of TCP stacks under multi-entity interactions

CRII：SaTC：多实体交互下TCP协议栈的安全性分析与验证

• 批准号: 1464410
• 负责人: Zhiyun Qian
• 金额: $ 17.25万
• 依托单位: University of California-Riverside
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-06-01 至 2018-05-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1464410&HistoricalAwards=false
• 关键词: CRII; SaTC; Analyzing; verifying; security

The objective of this project is to strengthen the Transmission Control Protocol (TCP), a ubiquitous core Internet protocol, under emerging threat models to make it robust and secure enough to serve the needs of 'smart' technologies in communications, automobiles, medical devices, and other devices that touch our lives every day. It is terrifying to imagine that a smart car could fail to report an accident automatically due to a denial of service attack on its TCP connections, or a smart medical device could fail to report a patient's change in condition. This is not to mention the ever growing cyber attacks that leverage the global and powerful Internet. This project will systematically analyze the root causes of recent security vulnerabilities and generalize them. The results will offer valuable insights on how to avoid the problems. Further, the research is expected to lead to changes to the TCP implementations in major operating systems.Specifically, the research is motivated by the following observations. First, more subtle problems such as side channels have been overlooked in TCP stacks. Second, new threat models have merged, e.g., co-located entities that do not trust each other. Third, the end-to-end assumption of TCP is broken due to the prevalence of network middleboxes, host-based firewalls, and censorship firewalls. The research will leverage model checking to systematically search for vulnerabilities under a variety of threat models and network settings. The models will be constructed from popular operating systems (with recent and representative versions) as well as network middleboxes. They can serve as the basis for testing and verifying future TCP stack implementations.

传输控制协议（TCP）的目的是一种无处不在的核心Internet协议LS，可以使其稳健和确保足以满足“通信，汽车，医疗设备和其他设备”的需求攻击其TCP连接或智能医疗设备可以报告患者的状况变化。进一步的问题，预计TCP在主要操作系统中的实现。互相信任。 ）以及网络中间箱。