Award Abstract # 0831298
CT-T: Proactive Techniques for Preserving System Integrity: A Basis for Robust Defense Against Malware

NSF Org: CNS
Division Of Computer and Network Systems
Recipient: THE RESEARCH FOUNDATION FOR THE STATE UNIVERSITY OF NEW YORK
Initial Amendment Date: August 20, 2008
Latest Amendment Date: June 9, 2014
Award Number: 0831298
Award Instrument: Continuing Grant
Program Manager: Ralph Wachter, rwachter@nsf.gov, (703)292-8950
NSF Org: CNS, Division Of Computer and Network Systems
Directorate: CSE, Direct For Computer & Info Scie & Enginr
Start Date: September 1, 2008
End Date: August 31, 2015 (Estimated)
Total Intended Award Amount: $1,000,000.00
Total Awarded Amount to Date: $1,000,000.00
Funds Obligated to Date: FY 2008 = $330,000.00; FY 2009 = $420,000.00; FY 2011 = $250,000.00
History of Investigator:
  • Ramasubramanian Sekar (Principal Investigator)
    sekar@cs.sunysb.edu
  • Scott Stoller (Co-Principal Investigator)
  • Coimbatore Ramakrishnan (Co-Principal Investigator)
Recipient Sponsored Research Office: SUNY at Stony Brook
W5510 FRANKS MELVILLE MEMORIAL L
STONY BROOK
NY  US  11794-0001
(631)632-9949
Sponsor Congressional District: 01
Primary Place of Performance: SUNY at Stony Brook
W5510 FRANKS MELVILLE MEMORIAL L
STONY BROOK
NY  US  11794-0001
Primary Place of Performance Congressional District: 01
Unique Entity Identifier (UEI): M746VC6XMNH9
Parent UEI:
NSF Program(s): CYBER TRUST,
TRUSTWORTHY COMPUTING
Primary Program Source: 01000809DB NSF RESEARCH & RELATED ACTIVIT; 01000910DB NSF RESEARCH & RELATED ACTIVIT; 01001112DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s): 9218, HPCC
Program Element Code(s): 7371, 7795
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070

ABSTRACT

Cyber threats have escalated rapidly over the past decade. "Zero-day
attacks" have become significant, delivered increasingly through
seemingly innocuous means such as web pages, images, and documents.
Malware is rampant, being installed surreptitiously on millions of
computers around the world using a combination of spam, phishing,
malicious shareware and freeware.

Today's defenses use techniques such as signature-based scanning and
file integrity monitoring to detect the presence of malware and then
remove it. Unfortunately, clever adversaries can quickly develop
malware that conceals itself from these detection mechanisms and
hence defeat such reactive defenses. In contrast, this project will
develop an approach that dramatically improves defenses against
malware and puts the computer owner back in control over attackers.
This approach, based on synthesizing and enforcing low-level
information-flow properties from generic high-level policies, will be
used to identify the components of a computer system that are critical
for its trustworthiness and to preserve their integrity. In doing so,
the approach will enable users to continue to use popular operating
systems, applications, and add-on software while still assuring
system security.

Specifically, this project will develop techniques to protect (a) the OS
and critical applications from untrusted code or data, (b) critical
applications from modules and extensions (e.g., browser plug-ins and media
player codecs) that run within the same address space, and (c) the OS kernel
from damage due to untrusted kernel extensions such as device drivers.

In terms of broader impact, this project will train several graduate
students, the research will be integrated into the teaching activities of
the PIs, and finally, the solutions developed will be distributed as
open-source software and/or tools.

PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH


(Showing: 1 - 10 of 11)
Anu Singh, C. R. Ramakrishnan, Scott A. Smolka. "A process calculus for Mobile Ad Hoc Networks." Science of Computer Programming, v.75, 2010, p.440.
Amit Sasturkar, Ping Yang, Scott D. Stoller, C. R. Ramakrishnan. "Policy Analysis for Administrative Role Based Access Control." Theoretical Computer Science, 2011. DOI: 10.1016/j.tcs.2011.05.009
Scott D. Stoller, Ping Yang, Mikhail Gofman, C. R. Ramakrishnan. "Symbolic Reachability Analysis for Parameterized Administrative Role Based Access Control." Computers & Security, v.30, 2010, p.148.
Xiaowan Huang, Justin Seyster, Sean Callanan, Ketan Dixit, Michael Gorbovitski, Radu Grosu, Scott A. Smolka, Scott D. Stoller, Erez Zadok. "Software Monitoring with Controllable Overhead." International Journal on Software Tools for Technology Transfer, 2011. DOI: 10.1007/s10009-010-0184-4
Justin Seyster, Ketan Dixit, Xiaowan Huang, Radu Grosu, Klaus Havelund, Scott A. Smolka, Scott D. Stoller, Erez Zadok. "InterAspect: Aspect-Oriented Instrumentation with GCC." Formal Methods in System Design, v.41, 2012, p.295.
Andrey Gorlin, C. R. Ramakrishnan, Scott A. Smolka. "Model checking with probabilistic tabled logic programming." Theory and Practice of Logic Programming, v.12(4-5), 2012, p.681-700. DOI: 10.1017/S1471068412000245
Ping Yang, Mikhail Gofman, Scott D. Stoller, Zijiang Yang. "Policy Analysis for Administrative Role Based Access Control without Separate Administration." Journal of Computer Security, v.23, 2015. DOI: 10.3233/JCS-140511
Puneet Gupta, Scott D. Stoller, Zhongyuan Xu. "Abductive Analysis of Administrative Policies in Rule-based Access Control." IEEE Transactions on Dependable and Secure Computing, v.11, 2014, p.412. DOI: 10.1109/TDSC.2013.42
Muhammad Asiful Islam, C. R. Ramakrishnan, I. V. Ramakrishnan. "Inference in probabilistic logic programs with continuous random variables." Theory and Practice of Logic Programming, v.12, 2012, p.505-523. DOI: 10.1017/S1471068412000154
Laszlo Szekeres, Mathias Payer, Tao Wei, R. Sekar. "Eternal War in Memory." IEEE Security and Privacy Magazine (S&P Magazine), v.12, 2014, p.45. ISSN 1540-7993

PROJECT OUTCOMES REPORT

Disclaimer

This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.

Motivation and Goals

Cyber threats have escalated rapidly over the past few years. Zero-day attacks are significant threats, being delivered increasingly through means that seemed innocuous (e.g., web pages, images, and documents). Malware is rampant, spreading through a combination of spam, phishing, drive-by-downloads and other targeted exploits.

Today's defenses rely on reactive approaches (e.g., signature matching) that are mainly effective against previously encountered malware. In contrast, we proposed novel approaches that provide principled protection from unknown malware threats. We first developed provenance-based approaches that protect operating systems (OSes) and applications from compromise by code or data from unknown origins. Second, we developed proactive policy-based defenses that, regardless of attack origin, aim to mitigate the resulting damage. Development of effective security policies is essential for both approaches.

Network provenance based defense from malware and exploits

We highlight two main outcomes in this regard. First, we developed a novel defense to protect contemporary OSes from unknown and sophisticated malware. Our system, called SPIF, successfully tackled the open research challenge of providing assured malware defense without undue impact on today's applications or the OS. It works by tracking code and data origin, and ensuring that any running process that is influenced by code or data from untrusted sources is prevented from modifying important system resources or user data. SPIF is highly portable across OSes, and works on Linux as well as all modern versions of Microsoft Windows (XP through Windows 10). It is compatible with all applications, including popular browsers, office software, media players and authoring tools. SPIF imposes minimal performance overheads while being able to stop a variety of malware attacks, including Stuxnet and Sandworm.
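The provenance-tracking rule described above (a process influenced by untrusted code or data may not modify important system resources or user data) can be modelled as a small reference monitor. The following is an added illustration, not SPIF's code or design: it assumes a two-level integrity lattice and a low-water-mark rule in which consuming a low-integrity object downgrades the consuming process, low-integrity processes are denied writes to high-integrity objects, and objects they create inherit the low label so the provenance follows the data. All paths and process ids are constructed sample values.

```python
"""Toy provenance-based integrity monitor (constructed example, not SPIF)."""
from dataclasses import dataclass, field
from enum import IntEnum


class Integrity(IntEnum):
    """Two-level integrity lattice: LOW = influenced by an untrusted origin."""
    LOW = 0
    HIGH = 1


@dataclass
class Subject:
    """A running process carrying its current integrity label."""
    pid: int
    integrity: Integrity = Integrity.HIGH
    history: list = field(default_factory=list)


class ProvenanceMonitor:
    """Reference monitor enforcing a low-water-mark integrity policy.

    Objects (files) carry a label derived from their provenance. A process
    that consumes (reads or executes) a LOW object is itself downgraded; a
    LOW process may never modify a HIGH object, and anything it creates
    inherits the LOW label so the taint follows the data.
    """

    def __init__(self):
        self.objects = {}  # path -> Integrity label

    def label(self, path, integrity):
        self.objects[path] = integrity

    def consume(self, proc, path):
        """Read or execute: the subject's label drops to the object's label."""
        obj = self.objects[path]
        if obj < proc.integrity:
            proc.history.append(f"pid {proc.pid} downgraded by {path}")
            proc.integrity = obj
        return proc.integrity

    def write(self, proc, path):
        """Allow the write only if the subject's label dominates the object's."""
        if path not in self.objects:
            # Newly created object inherits the writer's (possibly LOW) label.
            self.objects[path] = proc.integrity
            return True
        if proc.integrity < self.objects[path]:
            proc.history.append(f"pid {proc.pid} DENIED write to {path}")
            return False
        return True


def run_scenario():
    """Constructed scenario: a downloaded installer is run and misbehaves."""
    mon = ProvenanceMonitor()
    mon.label("/etc/passwd", Integrity.HIGH)                      # system resource
    mon.label("/home/alice/notes.txt", Integrity.HIGH)            # user data
    mon.label("/home/alice/Downloads/setup.exe", Integrity.LOW)   # came from the network

    installer = Subject(pid=1001)
    mon.consume(installer, "/home/alice/Downloads/setup.exe")     # executes untrusted code
    results = {
        "proc_label": installer.integrity.name,
        "write_passwd": mon.write(installer, "/etc/passwd"),
        "write_notes": mon.write(installer, "/home/alice/notes.txt"),
        "create_tmp": mon.write(installer, "/tmp/stage.bin"),
        "tmp_label": mon.objects["/tmp/stage.bin"].name,
    }

    # A trusted editor that has only touched trusted input keeps full rights...
    editor = Subject(pid=1002)
    mon.consume(editor, "/home/alice/notes.txt")
    results["editor_label"] = editor.integrity.name
    results["editor_write_notes"] = mon.write(editor, "/home/alice/notes.txt")
    # ...until it opens the file the low-integrity process staged.
    mon.consume(editor, "/tmp/stage.bin")
    results["editor_after_stage"] = editor.integrity.name
    results["editor_write_notes_after"] = mon.write(editor, "/home/alice/notes.txt")
    return results


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

The second half of the scenario shows why label propagation on created objects matters: without it, untrusted content could be laundered through a trusted application that later reads it and writes user data on the malware's behalf.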

Second, we developed XSSFilt, a provenance-based defense against cross-site scripting (XSS), the most serious threat on the web. Our solution is fast and powerful, providing protection against not only traditional server-side XSS vulnerabilities but also the newer DOM-based client-side vulnerabilities. Moreover, its detection algorithm is more broadly effective as compared to those deployed on Chrome and IE. Our solution was recently (January 2016) incorporated into the Pale Moon web browser, a Firefox fork that has been developed with the goal of efficiency, customizability, and security.  Pale Moon has an active user population of over 500K users.

Policy-based exploit defense

We identified several new security properties whose effective enforcement can thwart exploits on binary code and/or web applications. Light-weight bounds checking (LBC) and Code Pointer Integrity (CPI) are two new proactive defenses against memory corruption attacks that combine strong protection with high performance and wide compatibility. BinCFI is an award-winning new defense for COTS binaries against control-flow hijack attacks. It has been further strengthened into CFCI, which guarantees defense against all code injection attacks.

JaTE is a new approach for defending against third-party scripts (e.g., advertisements) on web pages. Unlike previous defenses that were incomplete, incompatible or incurred high performance overheads, JaTE is secure, fully compatible with Alexa Top 500 sites, and efficient.

Security policy development

Policies provide the primary means to limit damage that may result from cyber attacks. More flexible security policy frameworks that support evolving, decentralized policies can increase defense eff...
