CDF Project - Securing Systems Software via Information Leakage Prevention

CDF Project: Samsung Year 3 - SOW II

As mobile, embedded, and Internet of Things devices experience unprecedented growth, mitigating attacks on them has risen drastically in importance. These ubiquitous computing devices are operated by systems software such as operating systems. Because this software is the substructure of a computing device, its security is particularly important. Systems software, however, suffers from a variety of insecure designs and vulnerabilities, which makes it a primary target of attackers. System attacks that exploit these insecure designs and vulnerabilities have become a critical threat. According to the U.S. National Vulnerability Database, more than 2,000 vulnerabilities have been reported in the Linux kernel alone.

System attacks start by leaking sensitive information, with the ultimate goal of controlling the victim system. Modern systems software relies on randomization-based defenses, so identifying randomized values, such as the address of a target module, has become a prerequisite for an attack. In addition, systems software hosts sensitive information including cryptographic keys, credentials, system information, file caches, etc. By preventing leakage of such sensitive information, we ensure that attackers cannot obtain the prerequisite information that would lead them to control of the victim system and to the other sensitive information. It is therefore of great importance to investigate the root causes of system information leakage and to protect against them.

Advances in hardening software systems with protection mechanisms have increased the difficulty of basic memory corruption attacks and effectively defended against them. Undaunted, attackers are moving on to target a new attack surface. In particular, cache side-channel attacks and use-after-free attacks are recognized as promising attack methods that can bypass the state-of-the-art mitigations used in a lot of systems software. Cache side-channel attacks exploit the time difference between a cache hit and a cache miss to infer sensitive information to which attackers otherwise do not have access. Use-after-free attacks use previously freed memory, which can have harmful consequences ranging from the corruption of valid data to the execution of arbitrary code.

In summary, information leakage in systems software has become a more prevalent vulnerability than other basic memory corruption vulnerabilities due to the advanced defense mechanisms. More importantly, such system information leakage can result in the collapse of the defenses, so a new defense is needed against attack methods that can extract sensitive information while bypassing the state-of-the-art mitigations. Currently, practical prevention of such attack methods is largely uncharted territory.
Effective start/end date: 12/4/18 → 12/5/18
- INDUSTRY: Foreign Company: $1.00