SaTC: TTP: Small: TRACE: Tracking Run-time Anomalies in Code Execution

SaTC:TTP:小:TRACE:跟踪代码执行中的运行时异常

基本信息

  • 批准号:
    2039615
  • 负责人:
  • 金额:
    $ 49.97万
  • 依托单位:
  • 依托单位国家:
    美国
  • 项目类别:
    Standard Grant
  • 财政年份:
    2021
  • 资助国家:
    美国
  • 起止时间:
    2021-07-15 至 2024-06-30
  • 项目状态:
    已结题

项目摘要

Connectivity of embedded computing devices in cyber-physical systems (CPS) makes robust cybersecurity crucial. While computer/network security approaches apply to CPS, leveraging the unique temporal behavior and code structure characteristics of CPS devices enables robust and complementary cybersecurity solutions. This project builds one such near-zero-cost solution, developed in part during the DARPA Rapid Attack Detection, Isolation and Characterization Systems (RADICS) project, that uses digital side channels to detect and characterize malware on embedded devices in CPS. This Transition To Practice project transitions this solution to a commercialization stage per the program’s aim to "support the development, implementation, and deployment of later-stage and applied security or privacy research into an operational environment in order to bridge the gap between research and production." "Tracking Run-time Anomalies in Code Execution" (TRACE) system is of interest to power utilities, power grid equipment vendors, embedded system designers, and US government agencies.For on-demand and continuous run-time integrity verification of fielded devices and detection of firmware/software anomalies, TRACE deploys lightweight measurer components to target devices to collect multi-modal on-device, time-series measurements (e.g., Hardware Performance Counters, stack traces, memory maps and memory-based measurements, kernel measurements). TRACE processes these measurements using an off-device machine learning based analysis component for threat detection (baseline-relative and baseline-independent). The multi-modal anomaly detection in TRACE uses low-dimensional feature extraction, deep learning, dynamic event sequence analysis, and probabilistic modeling and estimation algorithms. TRACE can detect malicious modifications to software/firmware as well as operating system rootkits. Efficacy of TRACE anomaly detection is being demonstrated on a variety of computation load profiles and devices with a focus on power grid devices in a typical substation.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
网络物理系统(CPS)中嵌入式计算设备的连通性至关重要。当计算机/网络安全方法适用于CPS时,利用CPS设备的唯一临时行为和代码结构特征可实现鲁棒和完整的网络安全解决方案。该项目构建了一个接近零成本的解决方案,部分是在DARPA快速攻击检测,隔离和表征系统(RADIC)项目中开发的,该项目使用数字侧渠道检测和表征CPS中嵌入式设备上的恶意软件。实践项目的过渡将该解决方案转变为该计划的目标,目的是“支持开发,实施和部署后期和应用安全性或隐私研究到运营环境,以弥合研究与生产之间的差距”。 “在代码执行中跟踪运行时异常”(跟踪)系统对电源公用事业,电网设备供应商,嵌入式系统设计师和美国政府机构都很感兴趣。对于现场设备的按需和连续的运行时完整性验证,对固件/软件的检测进行了固件/软件的检测,请跟踪型号的测量仪,以衡量级别的测量人员对数量的竞争量表,以供应量级量表,以衡量目标的跨度量表。 (例如,硬件性能计数器,堆栈跟踪,内存图和基于内存的测量,内核测量值)。痕量处理这些测量方法,使用基于机器学习的分析组件进行威胁检测(基线相关性和基线无关)。痕量中的多模式异常检测使用低维特征提取,深度学习,动态事件序列分析以及概率建模和估计算法。跟踪可以检测到对软件/固件以及操作系统rootkit的恶意修改。痕量异常检测的功效正在对各种计算负荷概况和设备进行证明,重点是典型变电站中的电网设备。该奖项反映了NSF的法定任务,并被认为是通过基金会的智力优点和更广泛的影响标准来评估通过评估来获得支持的。

项目成果

期刊论文数量(0)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)

暂无数据

数据更新时间:2024-06-01

Farshad Khorrami其他文献

Combining switching mechanism with re-initialization and anomaly detection for resiliency of cyber–physical systems
  • DOI:
    10.1016/j.automatica.2024.111994
    10.1016/j.automatica.2024.111994
  • 发表时间:
    2025-02-01
    2025-02-01
  • 期刊:
  • 影响因子:
  • 作者:
    Hao Fu;Prashanth Krishnamurthy;Farshad Khorrami
    Hao Fu;Prashanth Krishnamurthy;Farshad Khorrami
  • 通讯作者:
    Farshad Khorrami
    Farshad Khorrami
Cascade/feedback interconnections of prescribed-time input-to-state stable systems
  • DOI:
    10.1016/j.sysconle.2024.105857
    10.1016/j.sysconle.2024.105857
  • 发表时间:
    2024-08-01
    2024-08-01
  • 期刊:
  • 影响因子:
  • 作者:
    Prashanth Krishnamurthy;Farshad Khorrami;Anthony Tzes
    Prashanth Krishnamurthy;Farshad Khorrami;Anthony Tzes
  • 通讯作者:
    Anthony Tzes
    Anthony Tzes
Control of max-plus linear systems using feedback cycle shaping
  • DOI:
    10.1016/j.automatica.2024.111980
    10.1016/j.automatica.2024.111980
  • 发表时间:
    2025-01-01
    2025-01-01
  • 期刊:
  • 影响因子:
  • 作者:
    Vinicius Mariano Gonçalves;Prashanth Krishnamurthy;Anthony Tzes;Farshad Khorrami
    Vinicius Mariano Gonçalves;Prashanth Krishnamurthy;Anthony Tzes;Farshad Khorrami
  • 通讯作者:
    Farshad Khorrami
    Farshad Khorrami
Decentralized Adaptive Control of Mismatched Large Scale Interconnected Nonlinear Systems
  • DOI:
    10.1016/s1474-6670(17)46846-7
    10.1016/s1474-6670(17)46846-7
  • 发表时间:
    1995-06-01
    1995-06-01
  • 期刊:
  • 影响因子:
  • 作者:
    Sandeep Jain;Farshad Khorrami
    Sandeep Jain;Farshad Khorrami
  • 通讯作者:
    Farshad Khorrami
    Farshad Khorrami
An approximate factorization approach to multi-jammer location and range estimation from peer-to-peer connectivity measurements
  • DOI:
    10.1016/j.comnet.2021.108268
    10.1016/j.comnet.2021.108268
  • 发表时间:
    2021-09-04
    2021-09-04
  • 期刊:
  • 影响因子:
  • 作者:
    Prashanth Krishnamurthy;Farshad Khorrami;Rahul Kumar
    Prashanth Krishnamurthy;Farshad Khorrami;Rahul Kumar
  • 通讯作者:
    Rahul Kumar
    Rahul Kumar
共 6 条
  • 1
  • 2
前往

Farshad Khorrami的其他基金

Collaborative Research: Modeling and Control of Fuel Cell Based Distributed Energy System
合作研究:基于燃料电池的分布式能源系统的建模与控制
  • 批准号:
    0501539
    0501539
  • 财政年份:
    2005
  • 资助金额:
    $ 49.97万
    $ 49.97万
  • 项目类别:
    Standard Grant
    Standard Grant
Research Equipment Grant for Development of a High-Speed Ultra-Accurate Six DOF Manipulator Based on Two-Dimensional Linear Motors
研究设备资助用于开发基于二维直线电机的高速超精确六自由度机械臂
  • 批准号:
    9977693
    9977693
  • 财政年份:
    1999
  • 资助金额:
    $ 49.97万
    $ 49.97万
  • 项目类别:
    Standard Grant
    Standard Grant
Research Equipment for Development of High Speed Ultra Accurate Motors and Robotic Systems for Advanced Manufacturing Applications (ARI/MME)
用于先进制造应用的高速超精确电机和机器人系统开发的研究设备(ARI/MME)
  • 批准号:
    9413543
    9413543
  • 财政年份:
    1994
  • 资助金额:
    $ 49.97万
    $ 49.97万
  • 项目类别:
    Standard Grant
    Standard Grant
A Project Oriented Digital Control and Robotics Laboratory
面向项目的数字控制和机器人实验室
  • 批准号:
    9251451
    9251451
  • 财政年份:
    1992
  • 资助金额:
    $ 49.97万
    $ 49.97万
  • 项目类别:
    Standard Grant
    Standard Grant

相似国自然基金

TTP和XPO4蛋白介导lncRNA转运在子宫颈鳞状细胞癌中功能及机制的研究
  • 批准号:
  • 批准年份:
    2022
  • 资助金额:
    54 万元
  • 项目类别:
    面上项目
TTP和XPO4蛋白介导lncRNA转运在子宫颈鳞状细胞癌中功能及机制的研究
  • 批准号:
    32270590
  • 批准年份:
    2022
  • 资助金额:
    54.00 万元
  • 项目类别:
    面上项目
平滑肌中TTP在血压调控中的作用及机制研究
  • 批准号:
    82270457
  • 批准年份:
    2022
  • 资助金额:
    52.00 万元
  • 项目类别:
    面上项目
平滑肌中TTP在血压调控中的作用及机制研究
  • 批准号:
  • 批准年份:
    2022
  • 资助金额:
    52 万元
  • 项目类别:
    面上项目
TTP-KDM3A/CYP19A1调控滋养层细胞分化和侵袭的机制研究
  • 批准号:
    82171669
  • 批准年份:
    2021
  • 资助金额:
    54 万元
  • 项目类别:
    面上项目

相似海外基金

SaTC: TTP: Small: Experimental Platform for Rapid Prototyping and Deployment of Secure Multi-Party Protocols
SaTC:TTP:小型:安全多方协议快速原型设计和部署的实验平台
  • 批准号:
    2213057
    2213057
  • 财政年份:
    2022
  • 资助金额:
    $ 49.97万
    $ 49.97万
  • 项目类别:
    Standard Grant
    Standard Grant
Collaborative Research: SaTC: TTP: Small: eSLIC: Enhanced Security Static Analysis for Detecting Insecure Configuration Scripts
协作研究:SaTC:TTP:小型:eSLIC:用于检测不安全配置脚本的增强安全静态分析
  • 批准号:
    2247141
    2247141
  • 财政年份:
    2022
  • 资助金额:
    $ 49.97万
    $ 49.97万
  • 项目类别:
    Standard Grant
    Standard Grant
Collaborative Research: SaTC: TTP: Small: DeFake: Deploying a Tool for Robust Deepfake Detection
协作研究:SaTC:TTP:小型:DeFake:部署强大的 Deepfake 检测工具
  • 批准号:
    2310131
    2310131
  • 财政年份:
    2022
  • 资助金额:
    $ 49.97万
    $ 49.97万
  • 项目类别:
    Standard Grant
    Standard Grant
Collaborative Research: SaTC: TTP: Small: DeFake: Deploying a Tool for Robust Deepfake Detection
协作研究:SaTC:TTP:小型:DeFake:部署强大的 Deepfake 检测工具
  • 批准号:
    2040209
    2040209
  • 财政年份:
    2021
  • 资助金额:
    $ 49.97万
    $ 49.97万
  • 项目类别:
    Standard Grant
    Standard Grant
Collaborative Research: SaTC: TTP: Small: DeFake: Deploying a Tool for Robust Deepfake Detection
协作研究:SaTC:TTP:小型:DeFake:部署强大的 Deepfake 检测工具
  • 批准号:
    2040125
    2040125
  • 财政年份:
    2021
  • 资助金额:
    $ 49.97万
    $ 49.97万
  • 项目类别:
    Standard Grant
    Standard Grant