CAREER: Whole-Kernel Analysis Against Developer- and Compiler-Introduced Errors

职业：针对开发人员和编译器引入的错误进行全内核分析

• 批准号: 2045478
• 负责人: Kangjie Lu
• 金额: $ 49.3万
• 依托单位: University of Minnesota-Twin Cities
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-10-01 至 2026-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2045478&HistoricalAwards=false
• 关键词: CAREER; Whole; Kernel; Analysis; Against

An operating system (OS) kernel is the heart of a computer system. It controls virtually everything in the system and thus is the most important part of the system. Modern OS kernels have become extremely large and complex, containing tens of millions of lines of code. As such, they tend to have a large number of errors that are introduced by not only developers but also compilers. Kernel errors are particularly security-critical because a single error in the kernel may break the whole system. Therefore, detecting and eliminating errors in OS kernels is imperative. This is however very challenging because OS kernels are full of hard-to-analyze code artifacts, and the errors take diverse forms and are hard to be specified for detection. This project aims to combat both developer- and compiler-introduced errors by proposing a set of new approaches and techniques, and by realizing them in a precise, whole-kernel analysis system. The project is expected to improve the security of widely used computer systems, to protect user data and privacy, and to advance the knowledge in the fields of security, systems, compilers, and software engineering. In addition, the resulting system will be integrated into educational tools to help raise student awareness of errors and also to improve their skills in writing secure and correct code.The project is structured into three research thrusts. (1) Enabling precise whole-kernel analysis with foundational techniques. This project first aims to tackle multiple important problems, such as the prevalent hand-written assembly and the monolithic nature, that have been impeding precise whole-kernel analysis. (2) Detecting semantic errors and even insecure function designs through multiple new peer-checking techniques. These techniques minimize the needs for the challenging semantic understanding and error specification in detection, and expect to turn peer-checking into a powerful and generic error-detection approach. (3) Discovering and eliminating compiler-introduced security errors. Compilers tend to focus on semantic correctness but overlook security states, leading to security errors. This thrust aims to create a new memory model to capture security states, and a new oracle to determine security errors introduced by compilers. In addition to detecting errors, the generic approaches and techniques of this project would also advance future research on the analysis and protection of computer systems.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

操作系统（OS）内核是计算机系统的心脏。它几乎控制着系统中的一切，因此是系统中最重要的部分。现代操作系统内核已经变得非常庞大和复杂，包含数千万行代码。因此，它们往往会有大量的错误，这些错误不仅是由开发人员引入的，也是由编译器引入的。内核错误对安全性特别重要，因为内核中的单个错误可能会破坏整个系统。因此，检测和消除操作系统内核中的错误势在必行。然而，这是非常具有挑战性的，因为操作系统内核充满了难以分析的代码工件，并且错误采取多种形式并且难以被指定用于检测。该项目旨在通过提出一套新的方法和技术，并通过在一个精确的全内核分析系统中实现它们，来对抗开发人员和编译器引入的错误。该项目预计将提高广泛使用的计算机系统的安全性，保护用户数据和隐私，并促进安全，系统，编译器和软件工程领域的知识。此外，最终的系统将被集成到教育工具中，以帮助提高学生对错误的认识，并提高他们编写安全和正确代码的技能。该项目分为三个研究方向。(1)通过基础技术实现精确的全内核分析。该项目首先旨在解决多个重要问题，例如普遍的手写汇编和单片性质，这些问题一直阻碍着精确的全内核分析。(2)通过多种新的对等检查技术检测语义错误甚至不安全的函数设计。这些技术最大限度地减少了对具有挑战性的语义理解和错误规范检测的需求，并期望将同行检查变成一个强大的和通用的错误检测方法。(3)发现并消除编译器引入的安全错误。分析人员往往关注语义正确性，但忽略了安全状态，从而导致安全错误。这一突破旨在创建一个新的内存模型来捕获安全状态，并创建一个新的oracle来确定编译器引入的安全错误。除了检测错误外，该项目的通用方法和技术还将推动未来关于计算机系统分析和保护的研究。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值进行评估而被认为值得支持。和更广泛的影响审查标准。

项目成果

OS-Aware Vulnerability Prioritization via Differential Severity Analysis

• 发表时间: 2022
• 作者: Qiushi Wu;Yue Xiao;Xiaojing Liao;Kangjie Lu

Context-Sensitive and Directional Concurrency Fuzzing for Data-Race Detection

• DOI: 10.14722/ndss.2022.24296
• 发表时间: 2022
• 期刊: Proceedings 2022 Network and Distributed System Security Symposium
• 作者: Zu-Ming Jiang;Jia-Ju Bai;Kangjie Lu;Shih-Min Hu

ACTOR: Action-Guided Kernel Fuzzing

• 发表时间: 2023
• 作者: Marius Fleischer;Dipanjan Das;Priyanka Bose;Weiheng Bai;Kangjie Lu;Mathias Payer;Christopher Kruegel;Giovanni Vigna

SEDiff: scope-aware differential fuzzing to test internal function models in symbolic execution

• DOI: 10.1145/3540250.3549080
• 发表时间: 2022-11
• 期刊: Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering
• 作者: Penghui Li;W. Meng;Kangjie Lu

Practical Program Modularization with Type-Based Dependence Analysis

• DOI: 10.1109/sp46215.2023.10179412
• 发表时间: 2023-05
• 期刊: 2023 IEEE Symposium on Security and Privacy (SP)
• 作者: Kangjie Lu