NSF Org: | CNS Division Of Computer and Network Systems |
Recipient: | |
Initial Amendment Date: | August 20, 2008 |
Latest Amendment Date: | June 9, 2014 |
Award Number: | 0831298 |
Award Instrument: | Continuing Grant |
Program Manager: | Ralph Wachter, rwachter@nsf.gov, (703)292-8950, CNS Division Of Computer and Network Systems, CSE Direct For Computer & Info Scie & Enginr |
Start Date: | September 1, 2008 |
End Date: | August 31, 2015 (Estimated) |
Total Intended Award Amount: | $1,000,000.00 |
Total Awarded Amount to Date: | $1,000,000.00 |
Funds Obligated to Date: | FY 2009 = $420,000.00; FY 2011 = $250,000.00 |
History of Investigator: | |
Recipient Sponsored Research Office: | W5510 FRANKS MELVILLE MEMORIAL L STONY BROOK NY US 11794-0001 (631)632-9949 |
Sponsor Congressional District: | |
Primary Place of Performance: | W5510 FRANKS MELVILLE MEMORIAL L STONY BROOK NY US 11794-0001 |
Primary Place of Performance Congressional District: | |
Unique Entity Identifier (UEI): | |
Parent UEI: | |
NSF Program(s): | CYBER TRUST, TRUSTWORTHY COMPUTING |
Primary Program Source: | 01000910DB NSF RESEARCH & RELATED ACTIVIT; 01001112DB NSF RESEARCH & RELATED ACTIVIT |
Program Reference Code(s): | |
Program Element Code(s): | |
Award Agency Code: | 4900 |
Fund Agency Code: | 4900 |
Assistance Listing Number(s): | 47.070 |
ABSTRACT
Cyber threats have escalated rapidly over the past decade. "Zero-day
attacks" have become significant, delivered increasingly through
seemingly innocuous means such as web pages, images, and documents.
Malware is rampant, being installed surreptitiously on millions of
computers around the world using a combination of spam, phishing,
malicious shareware and freeware.
Today's defenses use techniques such as signature-based scanning and
file integrity monitoring to detect the presence of malware, and then
remove it. Unfortunately, clever adversaries can quickly develop
malware that conceals itself from these detection mechanisms, and
hence defeat such reactive defenses. In contrast, this project will
develop an approach that dramatically improves defenses against
malware, and put a computer owner back in control over the
attackers. This approach, based on synthesizing and enforcing
low-level information flow properties from generic high level
policies, will be used to identify components of a computer system
that are critical for its trustworthiness, and preserve their
integrity. In doing so, the approach will enable users to continue to
use popular operating systems, applications, and add-on software, while still
assuring system security.
Specifically, this project will develop techniques to protect (a) the OS
and critical applications from untrusted code or data, (b) critical
applications from modules and extensions (e.g., browser plug-ins and media
player codecs) that run within the same address space, and (c) the OS kernel
from damage due to untrusted kernel extensions such as device drivers.
In terms of broader impact, this project will train several graduate
students, the research will be integrated into the teaching activities of
the PIs, and finally, the solutions developed will be distributed as
open-source software and/or tools.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
Motivation and Goals
Cyber threats have escalated rapidly over the past few years. Zero-day attacks are significant threats, being delivered increasingly through means that seemed innocuous (e.g., web pages, images, and documents). Malware is rampant, spreading through a combination of spam, phishing, drive-by-downloads and other targeted exploits.
Today's defenses rely on reactive approaches (e.g., signature matching) that are mainly effective against previously encountered malware. In contrast, we proposed novel approaches that provide principled protection from unknown malware threats. We first developed provenance-based approaches that protect operating systems (OSes) and applications from compromise by code or data from unknown origins. Second, we developed proactive policy-based defenses that, regardless of attack origin, aim to mitigate the resulting damage. Development of effective security policies is essential for both approaches.
Network provenance based defense from malware and exploits
We highlight two main outcomes in this regard. First, we developed a novel defense to protect contemporary OSes from unknown and sophisticated malware. Our system, called SPIF, successfully tackled the open research challenge of providing assured malware defense without undue impact on today's applications or the OS. It works by tracking code and data origin, and ensuring that any running process that is influenced by code or data from untrusted sources is prevented from modifying important system resources or user data. SPIF is highly portable across OSes, and works on Linux as well as all modern versions of Microsoft Windows (XP through Windows 10). It is compatible with all applications, including popular browsers, office software, media players and authoring tools. SPIF imposes minimal performance overheads while being able to stop a variety of malware attacks, including Stuxnet and Sandworm.
Second, we developed XSSFilt, a provenance-based defense against cross-site scripting (XSS), the most serious threat on the web. Our solution is fast and powerful, providing protection against not only traditional server-side XSS vulnerabilities but also the newer DOM-based client-side vulnerabilities. Moreover, its detection algorithm is more broadly effective as compared to those deployed on Chrome and IE. Our solution was recently (January 2016) incorporated into the Pale Moon web browser, a Firefox fork that has been developed with the goal of efficiency, customizability, and security. Pale Moon has an active user population of over 500K users.
Policy-based exploit defense
We identified several new security properties whose effective enforcement can thwart exploits on binary code and/or web applications. Light-weight bounds checking (LBC) and Code Pointer Integrity (CPI) are two new proactive defenses against memory corruption attacks that combine strong protection with high performance and wide compatibility. BinCFI is an award-winning new defense for COTS binaries against control-flow hijack attacks. It has been further strengthened into CFCI, which guarantees defense against all code injection attacks.
JaTE is a new approach for defending against third-party scripts (e.g., advertisements) on web pages. Unlike previous defenses that were incomplete, incompatible or incurred high performance overheads, JaTE is secure, fully compatible with Alexa Top 500 sites, and efficient.
Security policy development
Policies provide the primary means to limit damage that may result from cyber attacks. More flexible security policy frameworks that support evolving, decentralized policies can increase defense eff...