CAREER: Principled and Practical Software Shielding against Advanced Exploits

职业：针对高级漏洞的有原则且实用的软件防护

• 批准号: 1749895
• 负责人: Michail Polychronakis
• 金额: $ 49.99万
• 依托单位: SUNY at Stony Brook
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-06-01 至 2024-11-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1749895&HistoricalAwards=false
• 关键词: CAREER; Principled; Practical; Software; Shielding

The exploitation of memory corruption vulnerabilities in popular software is among the leading causes of system compromise and malware infection. While there are several reasons behind this proliferation of exploitable bugs, the reliance on unsafe programming languages such as C and C++ and the complexity of modern software play a major role. The continuous discovery of previously unknown (zero-day) vulnerabilities in browsers, document viewers, and other widely used software, and the lack of effective defenses against recent exploitation techniques that leverage memory disclosure vulnerabilities, necessitate the development of additional defense mechanisms.The main objective of this project is the design of software shielding techniques and their practical applicability to commodity software and systems. The key innovative aspects of the investigated techniques include: i) principled design that considers the strong adversarial models imposed by the latest exploitation advancements, i.e., disclosure-aided exploitation and data-only attacks, against which effective countermeasures remain an open problem; ii) novel code specialization and data protection techniques, to introduce process-level unpredictability and limit the exposure of critical data; iii) hardware-assisted implementation by leveraging recent and upcoming processor features to minimize the performance impact of the applied protections; and iv) focus on practical considerations, such as operational compatibility and non-disruptive deployment. The outcomes of this research effort are expected to improve the state of the art in defenses against advanced exploits, and achieve substantial practical impact by shielding existing vulnerable applications against exploitation, benefiting both end users and security researchers. The project also provides students the opportunity to conduct research in cybersecurity, and fosters the integration of cybersecurity into high school education through hands-on workshops for students and seminars for science teachers.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

利用流行软件中的内存损坏漏洞是系统受损和恶意软件感染的主要原因之一。虽然可利用错误激增背后有多种原因，但对 C 和 C++ 等不安全编程语言的依赖以及现代软件的复杂性发挥了重要作用。浏览器、文档查看器和其他广泛使用的软件中不断发现以前未知的（零日）漏洞，并且缺乏针对最近利用内存泄露漏洞的利用技术的有效防御，因此有必要开发额外的防御机制。该项目的目标是软件屏蔽技术的设计及其对商品软件和系统的实际适用性。所研究技术的关键创新方面包括：i）原则性设计，考虑了最新利用进展所施加的强大对抗模型，即披露辅助利用和纯数据攻击，针对这些攻击，有效的对策仍然是一个悬而未决的问题； ii) 新颖的代码专业化和数据保护技术，以引入流程级别的不可预测性并限制关键数据的暴露； iii) 通过利用最新和即将推出的处理器功能来进行硬件辅助实施，以最大限度地减少所应用保护的性能影响； iv) 注重实际考虑，例如操作兼容性和无中断部署。这项研究工作的成果预计将提高防御高级漏洞利用的技术水平，并通过保护现有易受攻击的应用程序免受利用来实现重大的实际影响，使最终用户和安全研究人员受益。该项目还为学生提供了进行网络安全研究的机会，并通过为学生举办的实践研讨会和为科学教师举办的研讨会，促进将网络安全融入高中教育。该奖项反映了 NSF 的法定使命，并被认为值得通过以下方式获得支持：使用基金会的智力价值和更广泛的影响审查标准进行评估。

项目成果

The SEVerESt Of Them All: Inference Attacks Against Secure Virtual Enclaves

• DOI: 10.1145/3321705.3329820
• 发表时间: 2019-07
• 期刊: Proceedings of the 2019 ACM Asia Conference on Computer and Communications Security
• 作者: Jan Werner;Joshua Mason;M. Antonakakis;M. Polychronakis;F. Monrose

Temporal System Call Specialization for Attack Surface Reduction

• 发表时间: 2020
• 作者: Seyedhamed Ghavamnia;Tapti Palit;Shachee Mishra;M. Polychronakis

Confine: Automated System Call Policy Generation for Container Attack Surface Reduction

• 发表时间: 2020
• 作者: Seyedhamed Ghavamnia;Tapti Palit;Azzedine Benameur;M. Polychronakis

Decap: Deprivileging Programs by Reducing Their Capabilities

Decap：通过降低程序的能力来剥夺程序的特权

• DOI: 10.1145/3545948.3545978
• 发表时间: 2022
• 期刊: Intrusions and Defenses (RAID
• 作者: Hasan, Md Mehedi;Ghavamnia, Seyedhamed;Polychronakis, Michalis
• 通讯作者: Polychronakis, Michalis

C2C: Fine-grained Configuration-driven System Call Filtering

• DOI: 10.1145/3548606.3559366
• 发表时间: 2022-11
• 期刊: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security
• 作者: Seyedhamed Ghavamnia;Tapti Palit;M. Polychronakis