Collaborative Research: SaTC: CORE: Small: Investigation of Naming Space Hijacking Threat and Its Defense

协作研究：SaTC：核心：小型：命名空间劫持威胁及其防御的调查

• 批准号: 2317829
• 负责人: Haining Wang
• 金额: $ 30万
• 依托单位: Virginia Polytechnic Institute and State University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-10-01 至 2026-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2317829&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; CORE; Small

This project delves into the emerging security risks associated with naming space hijacking attacks targeting Internet applications. In this type of attack, an adversary exploits similarities and confusion in names of domains and resources in cyber space (e.g., Amazon.com vs. Amazom.com) to target users and even software developers, leading to financial loss, intellectual property theft, reputation damage, and disruption of normal operations for unsuspecting users. The project’s novelty is the assessment of the security risks of these types of attacks systematically and quantitatively across vital platforms and applications, including software supply chain ecosystems, the Metaverse, and decentralized financial applications (Web3). This investigation also enables the development of effective defense mechanisms and provides a strong safety guarantee to Internet users. The project's broader significance and importance lie in securing current and future Internet applications, thereby enhancing the availability and reliability of Internet services. Additionally, educational efforts are devoted to the curriculum design of new cybersecurity courses with a focus on Web3 applications. Outreach activities are also conducted to promote the involvement of underrepresented minorities in computing and to enhance cybersecurity awareness and knowledge in the states of Virginia and Delaware (an EPSCoR state).This project develops multiple frameworks to continuously monitor and capture any suspicious activities and pinpoint potential naming space hijacking issues. The first task focuses on the identification and disclosure of vulnerabilities within software supply chain ecosystems that can be exploited by adversaries to hijack existing packages or distribute malicious code. The second task centers on exploring potential threats within user-specific worlds in emerging Metaverse platforms. The third task involves leveraging machine learning techniques to detect and mitigate fraudulent online activities within decentralized blockchain applications. Ultimately, the project aims to design and develop lightweight and robust defense systems that can effectively mitigate the potential security threats posed by naming space hijacking threats. The overall security risks are evaluated through long-term observation and large-scale measurement studies on real-world applications. The defense strategies are integrated in existing systems and protocols, and thoroughly evaluated on real-world scenarios to demonstrate their effectiveness.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

该项目深入研究了与针对互联网应用程序的命名空间劫持攻击相关的新兴安全风险。在这种类型的攻击中，对手利用网络空间中的域和资源的名称的相似性和混淆（例如，Amazon.com vs. Amazom.com）以针对用户甚至软件开发人员，导致财务损失、知识产权盗窃、声誉损害以及对不知情用户的正常操作的破坏。该项目的新奇之处在于，系统地、定量地评估了这些类型的攻击在重要平台和应用程序中的安全风险，包括软件供应链生态系统、Metaverse和分散式金融应用程序（Web3）。这一调查也使有效的防御机制得以发展，为互联网用户提供了强有力的安全保障。该项目更广泛的意义和重要性在于确保当前和未来的互联网应用，从而提高互联网服务的可用性和可靠性。此外，教育工作致力于新的网络安全课程的课程设计，重点是Web3应用程序。还开展了推广活动，以促进代表性不足的少数民族参与计算，并提高弗吉尼亚州和特拉华州（EPSCoR州）的网络安全意识和知识。该项目开发了多个框架，以持续监控和捕获任何可疑活动，并查明潜在的命名空间劫持问题。第一项任务的重点是识别和披露软件供应链生态系统中的漏洞，这些漏洞可能被对手利用来劫持现有软件包或分发恶意代码。第二个任务是在新兴的Metaverse平台上探索用户特定世界中的潜在威胁。第三项任务涉及利用机器学习技术来检测和减轻分散式区块链应用程序中的欺诈性在线活动。最终，该项目旨在设计和开发轻量级和强大的防御系统，可以有效地减轻命名空间劫持威胁所带来的潜在安全威胁。通过对实际应用的长期观察和大规模测量研究来评估整体安全风险。这些防御策略被集成到现有的系统和协议中，并在真实世界的场景中进行了彻底的评估，以证明其有效性。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。