SaTC: CORE: Small: Automatic Software Patching against Microarchitectural Attacks

Project: Research project

Project Details

Description

Cybersecurity attacks are estimated to cost businesses trillions of dollars in 2019, and microarchitectural attacks are becoming an increasingly important attack surface. Microarchitectural attacks reveal confidential information by taking advantage of weaknesses in how hardware manages data to maximize efficiency. For example, the high-profile Spectre and Meltdown attacks are microarchitectural attacks that make nearly all modern CPUs exploitable. To address the root cause of microarchitectural attacks, new secure hardware designs are promising in the long term, but they are unlikely to be adopted in the near future. On the other hand, very few existing software-based solutions target Spectre-like attacks or automatically fix vulnerabilities. The project will develop an application-level toolchain so that the patched applications are secure on existing commodity operating systems and hardware. The developed toolchain will significantly strengthen the security of applications currently vulnerable to microarchitectural attacks.

This award investigates an automated approach to detecting and mitigating microarchitectural attacks for applications running on existing commodity operating systems and hardware. More specifically, the project leverages novel language- and compiler-based strategies, which include program analysis techniques that identify sensitive memory requests and characterize them as a new concept called differential sets; compiler-level automated patching techniques for removing differential sets or vulnerabilities when it is possible to do so; and an end-to-end evaluation of the proposed approach using a variety of architectures, attack models, and application programs. With these strategies and techniques, side-channel based microarchitectural attacks can be largely mitigated.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

Status: Finished
Effective start/end date: 7/1/20 → 6/30/23

Funding

  • National Science Foundation: $500,000.00
