CRII: SaTC: Comprehensive and Automated Techniques for Evaluating Defenses Against Code Reuse Attacks

CRII：SaTC：用于评估代码重用攻击防御的综合自动化技术

• 批准号: 1463870
• 负责人: John Criswell
• 金额: $ 17.35万
• 依托单位: University of Rochester
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-07-01 至 2019-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1463870&HistoricalAwards=false
• 关键词: CRII; SaTC; Comprehensive; Automated; Techniques

Modern society relies on computers to manage and transmit sensitive data. These computers run our banks, provide our telecommunications services (such as phone, TV, and Internet), and operate critical systems found in automobiles and power grids. The software on these systems is vulnerable to automated attacks and, if attacked successfully, can be used to cause the loss of money, property, and life. While researchers have developed automated, easy-to-use countermeasures to thwart such attacks, it is unclear whether these countermeasures work. Existing evaluations of such countermeasures are typically expensive because they are done by hand. They are also often wrong; attackers are able to defeat such countermeasures by increasing the sophistication of their attacks. If we do not know how well our defenses work, we do not know if we are safe.One common type of automated attack is the code reuse attack. This research investigates techniques and develops a tool that automatically determines whether a given countermeasure prevents code reuse attacks from working. This tool uses comprehensive static analysis to automatically determine which program instructions a code reuse attack may employ, whether the malicious computations of an attack can be mapped to those instructions, and whether the defense being analyzed prevents those instructions from being executed in the required order. The tool is automated and its static analysis is designed to aggressively consider all potential ways in which an attacker can reuse code in an attack. With this tool, users can determine whether existing defenses suffice to protect our computers or whether additional defenses are necessary. The project is developing metrics to enable tool users to compare defenses and state the level of security that a defense provides to a given program.

现代社会依靠计算机来管理和传输敏感数据。 这些计算机运行我们的银行，提供我们的电信服务（如电话，电视和互联网），并操作汽车和电网中的关键系统。 这些系统上的软件容易受到自动化攻击，如果攻击成功，可以用来造成金钱，财产和生命的损失。 虽然研究人员已经开发出了自动化、易于使用的对策来阻止此类攻击，但目前还不清楚这些对策是否有效。 对这种对策的现有评估通常是昂贵的，因为它们是手工完成的。 他们也经常是错误的;攻击者能够通过提高攻击的复杂性来击败这种对策。 如果我们不知道我们的防御工作如何，我们就不知道我们是否安全。一种常见的自动化攻击类型是代码重用攻击。 本研究调查技术和开发一个工具，自动确定是否一个给定的对策，防止代码重用攻击的工作。 该工具使用全面的静态分析来自动确定代码重用攻击可能使用哪些程序指令，攻击的恶意计算是否可以映射到这些指令，以及正在分析的防御是否阻止这些指令以所需的顺序执行。 该工具是自动化的，其静态分析旨在积极考虑攻击者可以在攻击中重用代码的所有潜在方式。 使用此工具，用户可以确定现有的防御是否足以保护我们的计算机，或者是否需要额外的防御。 该项目正在开发度量标准，使工具用户能够比较防御措施，并说明防御措施为给定程序提供的安全级别。