TC: Medium: Collaborative Research: Securing Concurrency in Modern Systems

TC：媒介：协作研究：确保现代系统中的并发性

• 批准号: 0905602
• 负责人: Emmett Witchel
• 金额: $ 80万
• 依托单位: University of Texas at Austin
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-01 至 2013-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0905602&HistoricalAwards=false
• 关键词: TC; Medium; Collaborative; Research; Securing

This award is funded under the American Recovery and Reinvestment Act of 2009 (Public Law 111-5).Concurrency-related vulnerabilities are pervasive in modern computingsystems. Concurrency exploits include time-of-check-to-time-of-use(TOCTTOU) race conditions in file systems, attacks on signal handlers,and evasive malware that uses concurrency to escape sandboxingmechanisms. As processors feature ever more parallelism, andcomputers process more of our sensitive data, defending againstconcurrency attacks is a key challenge for the coming decade.The first goal is to protect legitimate applications from concurrencyattacks when they access system resources (e.g., prevent TOCTTOUattacks on file accesses and exploitable race conditions in signalhandlers). The objective is to provide application programmers withmechanisms and policies for synchronizing access to system resourcesso they can avoid unintentional vulnerabilities.The second goal is to provide strong confinement of untrusted code inthe presence of concurrency, i.e., blocking intentionally maliciousbehavior. Today's malware abuses concurrency mechanisms to bypass andcircumvent containment mechanisms like reference monitors and systemcall wrappers. Providing robust system support for containingmalicious code is a critical challenge in intrusion detection andprevention.Modern computing systems fundamentally depend on concurrency for theirperformance and functionality. Making sure that concurrency is usedsecurely is essential for building a trusted cyber infrastructure.This research will have a significant impact on the practicaldevelopment of secure software, and enable security-criticalapplications to realize the performance benefits of today's highlyparallel systems.

该奖项是根据2009年美国复苏和再投资法案(公法111-5)资助的。与并发相关的漏洞在现代计算系统中普遍存在。并发攻击包括文件系统中的检查时间到使用时间(TOCTTOU)争用条件、对信号处理程序的攻击以及使用并发来逃避沙箱机制的躲避恶意软件。随着处理器的并行性越来越强，计算机处理的敏感数据越来越多，防御并发攻击是未来十年的关键挑战。第一个目标是保护合法应用程序在访问系统资源时免受并发攻击(例如，防止对文件访问的TOCTTOU攻击和信号处理程序中可利用的竞争条件)。其目的是为应用程序程序员提供同步访问系统资源的机制和策略，以便他们可以避免无意的漏洞。第二个目标是在存在并发的情况下提供对不可信代码的严格限制，即故意阻止恶意行为。今天的恶意软件滥用并发机制来绕过和绕过引用监视器和系统调用包装等遏制机制。为遏制恶意代码提供可靠的系统支持是入侵检测和防御中的一个关键挑战。现代计算系统的性能和功能基本上依赖于并发性。确保并发的安全使用对构建可信的网络基础设施至关重要，这项研究将对安全软件的实际开发产生重大影响，并使安全关键应用程序能够实现当今高度并行系统的性能优势。