CRII: SaTC: Comprehensive and Automated Techniques for Evaluating Defenses Against Code Reuse Attacks

CRII：SaTC：用于评估代码重用攻击防御的综合自动化技术

• 批准号: 1463870
• 负责人: John Criswell
• 金额: $ 17.35万
• 依托单位: University of Rochester
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-07-01 至 2019-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1463870&HistoricalAwards=false
• 关键词: CRII; SaTC; Comprehensive; Automated; Techniques

Modern society relies on computers to manage and transmit sensitive data. These computers run our banks, provide our telecommunications services (such as phone, TV, and Internet), and operate critical systems found in automobiles and power grids. The software on these systems is vulnerable to automated attacks and, if attacked successfully, can be used to cause the loss of money, property, and life. While researchers have developed automated, easy-to-use countermeasures to thwart such attacks, it is unclear whether these countermeasures work. Existing evaluations of such countermeasures are typically expensive because they are done by hand. They are also often wrong; attackers are able to defeat such countermeasures by increasing the sophistication of their attacks. If we do not know how well our defenses work, we do not know if we are safe.One common type of automated attack is the code reuse attack. This research investigates techniques and develops a tool that automatically determines whether a given countermeasure prevents code reuse attacks from working. This tool uses comprehensive static analysis to automatically determine which program instructions a code reuse attack may employ, whether the malicious computations of an attack can be mapped to those instructions, and whether the defense being analyzed prevents those instructions from being executed in the required order. The tool is automated and its static analysis is designed to aggressively consider all potential ways in which an attacker can reuse code in an attack. With this tool, users can determine whether existing defenses suffice to protect our computers or whether additional defenses are necessary. The project is developing metrics to enable tool users to compare defenses and state the level of security that a defense provides to a given program.

现代社会依靠计算机来管理和传输敏感数据。这些计算机管理我们的银行，提供我们的电信服务（如电话、电视和互联网），并操作汽车和电网中的关键系统。这些系统上的软件很容易受到自动攻击，如果攻击成功，可能会造成金钱、财产和生命的损失。虽然研究人员已经开发出自动化的、易于使用的对策来阻止此类攻击，但尚不清楚这些对策是否有效。对这些对策的现有评估通常是昂贵的，因为它们是手工完成的。他们也经常是错误的；攻击者可以通过提高攻击的复杂程度来击败这些对抗措施。如果我们不知道我们的防御工作有多好，我们就不知道我们是否安全。一种常见的自动攻击类型是代码重用攻击。这项研究调查了技术并开发了一种工具，可以自动确定给定的对策是否可以防止代码重用攻击。该工具使用全面的静态分析来自动确定代码重用攻击可能使用哪些程序指令，攻击的恶意计算是否可以映射到这些指令，以及被分析的防御是否阻止这些指令按照所需的顺序执行。该工具是自动化的，其静态分析旨在积极考虑攻击者在攻击中重用代码的所有潜在方式。有了这个工具，用户可以确定现有的防御是否足以保护我们的计算机，或者是否需要额外的防御。该项目正在开发度量，使工具用户能够比较防御，并说明防御为给定程序提供的安全级别。