More Like this

1. Applications and Challenges in Securing Time

   Anwar, Fatima; Srivastava, Mani (January 2019, 12th USENIX Workshop on Cyber Security Experimentation and Test)

   In this paper, we establish the importance of trusted time for the safe and correct operation of various applications. There are, however, challenges in securing time against hardware timer manipulation, software attacks, and ma- licious network delays on current systems. To provide security of time, we explore the timing capabilities of trusted execution technologies that put their root of trust in hardware. A key concern is that these technologies do not protect time integrity and are susceptible to various timing attacks by a malicious operating system and an untrusted network. We argue that it is essential to safeguard time-based primitives across all layers of a time stack – the hardware timers, platform software, and network time packets. This paper provides a detailed examination of vulnerabilities in current time services, followed by a set of requirements to build a secure time architecture. 

   more » « less
2. Securing Wireless Communication via Hardware-Based Packet Obfuscation

   https://doi.org/10.1007/s41635-019-00070-0  

   Chacko, James; Juretus, Kyle; Jacovic, Marko; Sahin, Cem; Kandasamy, Nagarajan; Savidis, Ioannis; Dandekar, Kapil R. (May 2019, Journal of Hardware and Systems Security)

   Obfuscation of the orthogonal frequency-division multiplexing (OFDM) physical layer is described in this paper as a means to enhance the security of wireless communication. The standardization of the communication channel between two trusted parties results in a variety of security threats, including vulnerabilities in WPA/WPA2 protocols that allow for the extraction of the software layer encryption key. Obfuscating the physical layer of the OFDM pipeline provides an additional layer of security in the event that the software layer key is compromised and allows for rolling updates of the physical layer key without altering the software layer key. The interleaver stage of the OFDM pipeline is redesigned to utilize a physical layer key, which is termed Phy-Leave. The Phy-Leave interleaver is evaluated through both MATLAB simulation and hardware prototyping on the Software Defined Communication (SDC) testbed using a Virtex6 FPGA. The implemented rolling physical layer key policy and Phy-Leave system resulted in a less than 1% increase in the area of a Virtex6 FPGA, demonstrating physical layer obfuscation as a means to increase the security of wireless communication without a significant cost in hardware. 

   more » « less
3. Toward the Analysis of Embedded Firmware through Automated Re-hosting

   Gustafson, E. (September 2019, 22nd International Symposium on Research in Attacks, Intrusions and Defenses)

   The recent paradigm shift introduced by the Internet of Things (IoT) has brought embedded systems into focus as a target for both security analysts and malicious adversaries. Typified by their lack of standardized hardware, diverse software, and opaque functionality, IoT devices present unique challenges to security analysts due to the tight coupling between their firmware and the hardware for which it was designed. In order to take advantage of modern program analysis techniques, such as fuzzing or symbolic execution, with any kind of scale or depth, analysts must have the ability to execute firmware code in emulated (or virtualized) environments. However, these emulation environments are rarely available and cumbersome to create through manual reverse engineering, greatly limiting the analysis of binary firmware. In this work, we explore the problem of firmware re-hosting, the process by which firmware is migrated from its original hardware environment into a virtualized one. We show that an approach capable of creating virtual, interactive environments in an automated manner is a necessity to enable firmware analysis at scale. We present the first proof-of-concept system aiming to achieve this goal, called PRETENDER, which uses observations of the interactions between the original hardware and the firmware to automatically create models of peripherals, and allows for the execution of the firmware in a fully-emulated environment. Unlike previous approaches, these models are interactive, stateful, and transferable, meaning they are designed to allow the program to receive and process new input, a requirement of many analyses. We demonstrate our approach on multiple hardware platforms and firmware samples, and show that the models are flexible enough to allow for virtualized code execution, the exploration of new code paths, and the identification of security vulnerabilities. 

   more » « less
4. Draco: Architectural and Operating System Support for System Call Security

   https://doi.org/10.1109/MICRO50266.2020.00017  

   Skarlatos, Dimitrios; Chen, Qingrong; Chen, Jianyan; Xu, Tianyin; Torrellas, Josep (October 2020, In Proceedings of the 53rd IEEE/ACM International Symposium on Microarchitecture (MICRO-53))

   null (Ed.)

   Abstract—System call checking is extensively used to protect the operating system kernel from user attacks. However, existing solutions such as Seccomp execute lengthy rule-based checking programs against system calls and their arguments, leading to substantial execution overhead. To minimize checking overhead, this paper proposes Draco, a new architecture that caches system call IDs and argument values after they have been checked and validated. System calls are first looked-up in a special cache and, on a hit, skip all checks. We present both a software and a hardware implementation of Draco. The latter introduces a System Call Lookaside Buffer (SLB) to keep recently-validated system calls, and a System Call Target Buffer to preload the SLB in advance. In our evaluation, we find that the average execution time of macro and micro benchmarks with conventional Seccomp checking is 1.14_ and 1.25_ higher, respectively, than on an insecure baseline that performs no security checks. With our software Draco, the average execution time reduces to 1.10_ and 1.18_ higher, respectively, than on the insecure baseline. With our hardware Draco, the execution time is within 1% of the insecure baseline. 

   more » « less
5. A Container-based DoS Attack-Resilient Control Framework for Real-Time UAV Systems

   https://doi.org/10.23919/DATE.2019.8714888  

   Chen, Jiyang; Feng, Zhiwei; Wen, Jen-Yang; Liu, Bo; Sha, Lui (March 2019, IEEE Design, Automation & Test in Europe Conference & Exhibition)

   The Unmanned aerial vehicles (UAVs) sector is fast-expanding. Protection of real-time UAV applications against malicious attacks has become an urgent problem that needs to be solved. Denial-of-service (DoS) attack aims to exhaust system resources and cause important tasks to miss deadlines. DoS attack may be one of the common problems of UAV systems, due to its simple implementation. In this paper, we present a software framework that offers DoS attack-resilient control for real-time UAV systems using containers: Container Drone. The framework provides defense mechanisms for three critical system resources: CPU, memory, and communication channel. We restrict the attacker's access to the CPU core set and utilization. Memory bandwidth throttling limits the attacker's memory usage. By simulating sensors and drivers in the container, a security monitor constantly checks DoS attacks over communication channels. Upon the detection of a security rule violation, the framework switches to the safety controller to mitigate the attack. We implemented a prototype quadcopter with commercially off-the-shelf (COTS) hardware and open-source software. Our experimental results demonstrated the effectiveness of the proposed framework defending against various DoS attacks. 

   more » « less