SaTC: TTP: Medium: The Tigress Endpoint Protection Tool

SaTC：TTP：Medium：Tigress 端点保护工具

• 批准号: 2040206
• 负责人: Christian Collberg
• 金额: $ 95.02万
• 依托单位: University of Arizona
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-04-15 至 2025-03-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2040206&HistoricalAwards=false
• 关键词: SaTC; TTP; Medium; Tigress; Endpoint

In Computer Security, an endpoint is any piece of software under the control of a user who, if malicious, can gain an advantage by inspecting, reverse engineering, or tampering with the software. Vulnerable endpoints are ubiquitous and include software in automobiles, mobile phones, medical devices, smart meters, and IoT devices in smart homes. An endpoint security tool transforms software that will run on a device that is under the control of a potential adversary in order to delay the inspection of, tampering with, or reverse engineering the software. The project's impacts are that the investigators provide an endpoint security tool, Tigress, that aids commercial developers in securing their software assets against endpoint attacks. Tigress also gives the academic computer security community a competent adversary that allows more e^ective research into malware and software analysis. The project's novelties are that the investigators make available a comprehensive tool that can protect any kind of asset, in any kind of application, against any kind of endpoint attack.In this project the investigators transition Tigress to practice. Speci cally, Tigress' library of transformations are extended with protections against fuzzing, symbolic analysis, code-byte tampering, and emulation. Furthermore, performance of generated code is improved, allowing Tigress-generated code to run on low-powered devices, and investigators publish comprehensive security evaluation information so that developers know the level of protection Tigress a^ords their applications.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

在计算机安全中，端点是用户控制下的任何软件，如果是恶意的，用户可以通过检查、逆向工程或篡改软件来获得优势。易受攻击的端点无处不在，包括汽车、手机、医疗设备、智能电表和智能家居中的物联网设备中的软件。端点安全工具转换将在潜在对手控制下的设备上运行的软件，以延迟对软件的检查、篡改或逆向工程。该项目的影响是调查者提供了一个端点安全工具Tigress，它帮助商业开发人员保护他们的软件资产免受端点攻击。老虎也给学术计算机安全社区提供了一个强有力的对手，可以更有效地研究恶意软件和软件分析。该项目的新颖之处在于，研究人员提供了一种全面的工具，可以保护任何类型的资产，在任何类型的应用程序中，防止任何类型的端点攻击。在这个项目中，研究者将虎妞转化为实践。特别地，Tigress的转换库扩展了防止模糊、符号分析、代码字节篡改和仿真的保护。此外，生成代码的性能得到了改进，允许Tigress生成的代码在低功耗设备上运行，并且调查人员发布了全面的安全评估信息，以便开发人员了解Tigress保护其应用程序的级别。该奖项反映了美国国家科学基金会的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。