SaTC: CORE: Small: Automatic Software Patching against Microarchitectual Attacks

SaTC：核心：小型：针对微架构攻击的自动软件修补

• 批准号: 1956032
• 负责人: Mahmut Kandemir
• 金额: $ 50万
• 依托单位: Pennsylvania State Univ University Park
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2020
• 资助国家: 美国
• 起止时间: 2020-07-01 至 2024-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1956032&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Automatic; Software

Cybersecurity attacks are estimated to cost businesses trillions of dollars in 2019 and microarchitectural attacks are becoming an increasingly important attack surface. Microarchitectural attacks reveal confidential information by taking advantage of weaknesses in how hardware manage data to maximize efficiency. For example, the high-profile Spectre and Meltdown attacks are microarchitectural attacks that make nearly all modern CPUs exploitable. To close the root of microarchitectural attacks, new secure hardware designs are promising in a long term, but they are unlikely to be adopted in any close future. On the other hand, very few of existing software-based solutions target Spectre-like attacks or automatically fix vulnerabilities. The project will develop an application-level toolchain so that the patched applications are secure on existing commodity operating systems and hardware. The developed toolchain will significantly strengthen the security of applications currently vulnerable to microarchitectural attacks.This award investigates an automated approach to detecting and mitigating microarchitectural attacks for applications running on existing commodity operating systems and hardware. More specifically, the project leverages novel language- and compiler-based strategies, which include program analysis techniques that identify sensitive memory requests and characterize them as a new concept called differential sets; compiler-level automated patching techniques for removing differential sets or vulnerabilities when it is possible to do so; and an end-to-end evaluation of the proposed approach using a variety of architectures, attack models, and application programs. With these strategies and techniques, side-channel based microarchitectural attacks can be largely mitigated.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

据估计，2019年网络安全攻击将使企业损失数万亿美元，微架构攻击正成为越来越重要的攻击面。微架构攻击通过利用硬件管理数据的弱点来最大限度地提高效率，从而泄露机密信息。例如，备受瞩目的Spectre和Meltdown攻击是微架构攻击，几乎所有现代CPU都可被利用。为了消除微架构攻击的根源，新的安全硬件设计在长期内是有希望的，但它们不太可能在不久的将来被采用。另一方面，现有的基于软件的解决方案很少针对类似幽灵的攻击或自动修复漏洞。该项目将开发一个应用程序级工具链，以便修补的应用程序在现有的商品操作系统和硬件上是安全的。开发的工具链将显著加强目前易受微架构攻击的应用程序的安全性。该奖项研究了一种自动化方法，用于检测和缓解在现有商品操作系统和硬件上运行的应用程序的微架构攻击。更具体地说，该项目利用了新的基于语言和编译器的战略，其中包括程序分析技术，这些技术可以识别敏感的内存请求，并将其描述为一个称为差异集的新概念;编译器级自动修补技术，用于在可能的情况下删除差异集或漏洞;以及使用各种体系结构、攻击模型和应用程序对所提出的方法进行端到端评估。有了这些策略和技术，基于侧信道的微架构攻击可以在很大程度上减轻。这个奖项反映了NSF的法定使命，并已被认为是值得通过使用基金会的智力价值和更广泛的影响审查标准进行评估的支持。

项目成果

SpecSafe: detecting cache side channels in a speculative world

• DOI: 10.1145/3485506
• 发表时间: 2021-10
• 期刊: Proceedings of the ACM on Programming Languages
• 作者: Robert Brotzman;Danfeng Zhang;M. Kandemir;Gang Tan

Ghost Thread: Effective User-Space Cache Side Channel Protection

• DOI: 10.1145/3422337.3447846
• 发表时间: 2021-04
• 期刊: Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy
• 作者: Robert Brotzman;Danfeng Zhang;M. Kandemir;Gang Tan