SaTC: CORE: Small: Collaborative: Enabling Precise and Automated Insecurity Analysis of Middleware on Mobile Platforms

SaTC：核心：小型：协作：实现移动平台上中间件的精确和自动不安全分析

• 批准号: 1856380
• 负责人: Qiang Zeng
• 金额: $ 16.67万
• 依托单位: University of South Carolina at Columbia
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-10-01 至 2022-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1856380&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Collaborative; Enabling

During the past decade, middleware on mobile platforms (such as the Application Framework in Android and the Core Services layer in iOS) has been flourishing, but the insecurity analysis of such middleware has been lagging behind. For example, while comprehensive studies have been conducted at the application layer of the Android system, there is very limited work analyzing the Android Application Framework (Android Framework, for short), a middleware layer in the Android system. The two billion Android mobile devices and the many Android Things devices all rely on the system services provided by Android Framework. Recently, many vulnerabilities of Android Framework are exposed, showing that Android Framework is vulnerable and exploitable. Given the critical role of Android Framework, a vulnerability in the framework can be exploited to launch large-scale cyber attacks and cause serious harms to user security and privacy. However, the insecurity analysis of Android Framework has been rather ad hoc, imprecise, and requires much manual effort, mainly because there is a severe lack of techniques and tools developed for insecurity analysis of such middleware on mobile platforms (MoMP). This research project seeks to fill the gap by developing new techniques and tools for insecurity analysis of MoMP like Android Framework and consequently lead to more secure and trustworthy computing environments for the huge number of smartphone and Internet-of-Things (IoT) device users. Educational resources developed in this project, including course modules on mobile computing security and vulnerability discovery, will be disseminated through a dedicated web site. Collaborations with the industry will be sought to transfer the technology to interested software companies and government entities that perform insecurity analysis of MoMP.The project will develop new architectural designs, algorithms and techniques for precise and automated insecurity analysis of MoMP. To make the research concrete, demonstrations will be created for the Android Framework for mobile smartphones, tablets and IoT devices, and the first platform for precise and automated insecurity analysis of Android Framework will be built, combining current software analysis techniques, such as symbolic execution, hybrid dynamic/static analysis, and cross-process and cross-layer software analysis, to make them capable of analyzing complex and large-sized MoMP like Android Framework. The platform will be evaluated and applied to discovering various types of zero-day vulnerabilities and generating proof-of-concept exploits.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

近十年来，移动平台上的中间件（如Android中的Application Framework、iOS中的Core Services层）蓬勃发展，但对此类中间件的不安全性分析却相对滞后。例如，虽然对Android系统的应用层进行了全面的研究，但对Android系统中间件层Android应用程序框架（简称Android Framework）的分析工作却非常有限。二十亿个Android移动设备和众多的Android Things设备都依赖于Android Framework提供的系统服务。近期，Android Framework的多个漏洞被曝光，表明Android Framework存在脆弱性和可利用性。鉴于Android框架的关键作用，框架中的漏洞可能被利用来发起大规模网络攻击，对用户安全和隐私造成严重危害。然而，Android Framework的不安全分析相当临时、不精确，并且需要大量的人工工作，这主要是因为移动平台上此类中间件（MoMP）的不安全分析技术和工具严重缺乏。该研究项目旨在通过开发用于 Android 框架等 MoMP 不安全分析的新技术和工具来填补这一空白，从而为大量智能手机和物联网 (IoT) 设备用户带来更安全、更值得信赖的计算环境。该项目开发的教育资源，包括移动计算安全和漏洞发现的课程模块，将通过专门的网站传播。将寻求与业界的合作，将该技术转让给对 MoMP 进行不安全分析的感兴趣的软件公司和政府实体。该项目将开发新的架构设计、算法和技术，以对 MoMP 进行精确和自动化的不安全分析。为了使研究具体化，将为移动智能手机、平板电脑和物联网设备的Android框架创建演示，并将结合当前的软件分析技术（例如符号执行），构建第一个对Android框架进行精确和自动化不安全分析的平台、混合动态/静态分析以及跨进程和跨层软件分析，使它们能够像Android Framework一样分析复杂和大型的MoMP。该平台将被评估并应用于发现各种类型的零日漏洞并生成概念验证漏洞。该奖项反映了 NSF 的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

IoT Phantom-Delay Attacks: Demystifying and Exploiting IoT Timeout Behaviors

物联网幻像延迟攻击：揭秘和利用物联网超时行为

• DOI: 10.1109/dsn53405.2022.00050
• 发表时间: 2022-06-01
• 期刊: 2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
• 作者: Chenglong Fu;Qiang Zeng;Haotian Chi;Xiaojiang Du;Siva Likitha Valluru
• 通讯作者: Siva Likitha Valluru

A Cross-Architecture Instruction Embedding Model for Natural Language Processing-Inspired Binary Code Analysis

用于受自然语言处理启发的二进制代码分析的跨架构指令嵌入模型

• DOI: 10.14722/bar.2019.23057
• 发表时间: 2019-01
• 期刊: NDSS Workshop on Binary Analysis Research (BAR
• 作者: Redmond, Kimberly;Luo, Lannan;Zeng, Qiang
• 通讯作者: Zeng, Qiang

Delay Wreaks Havoc on Your Smart Home: Delay-based Automation Interference Attacks

延迟对您的智能家居造成严重破坏：基于延迟的自动化干扰攻击

• DOI: 10.1109/sp46214.2022.9833620
• 发表时间: 2022-05-01
• 期刊: 2022 IEEE Symposium on Security and Privacy (SP)
• 作者: Haotian Chi;Chenglong Fu;Qiang Zeng;Xiaojiang Du
• 通讯作者: Xiaojiang Du

T2Pair: Secure and Usable Pairing for Heterogeneous IoT Devices

T2Pair：异构物联网设备的安全且可用的配对

• DOI: 10.1145/3372297.3417286
• 发表时间: 2020-10
• 期刊: CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security
• 作者: Li, Xiaopeng;Zeng, Qiang;Luo, Lannan;Luo, Tongbo
• 通讯作者: Luo, Tongbo

Cross-App Interference Threats in Smart Homes: Categorization, Detection and Handling

智能家居中的跨应用干扰威胁：分类、检测和处理

• DOI: 10.1109/dsn48063.2020.00056
• 发表时间: 2020-06
• 期刊: Proc. of 50th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2020
• 作者: Chi, Haotian;Zeng, Qiang;Du, Xiaojiang;Yu, Jiaping
• 通讯作者: Yu, Jiaping