Publications
Tagged As
More than a fair share: Network Data Remanence attacks against secret sharing-based schemes [early access]
February 23, 2021
Journal Article
Published in:
Network and Distributed Systems Security Symp., NDSS, 23-26 February 2021.
Topic:
R&D area:
R&D group:
Summary
With progress toward a practical quantum computer has come an increasingly rapid search for quantum-safe, secure communication schemes that do not rely on discrete logarithm or factorization problems. One such encryption scheme, Multi-path Switching with Secret Sharing (MSSS), combines secret sharing with multi-path switching to achieve security as long as the adversary does not have global observability of all paths and thus cannot capture enough shares to reconstruct messages. MSSS assumes that sending a share on a path is an atomic operation and all paths have the same delay. In this paper, we identify a side-channel vulnerability for MSSS, created by the fact that in real networks, sending a share is not an atomic operation as paths have multiple hops and different delays. This channel, referred to as Network Data Remanence (NDR), is present in all schemes like MSSS whose security relies on transfer atomicity and all paths having same delay. We demonstrate the presence of NDR in a physical testbed. We then identify two new attacks that aim to exploit the side channel, referred to as NDR Blind and NDR Planned, propose an analytical model to analyze the attacks, and demonstrate them using an implementation of MSSS based on the ONOS SDN controller. Finally, we present a countermeasure for the attacks and show its effectiveness in simulations and Mininet experiments.
Summary
With progress toward a practical quantum computer has come an increasingly rapid search for quantum-safe, secure communication schemes that do not rely on discrete logarithm or factorization problems. One such encryption scheme, Multi-path Switching with Secret Sharing (MSSS), combines secret sharing with multi-path switching to achieve security as long as...
READ MORE
Control systems need software security too: cyber-physical systems and safety-critical application domains must adopt widespread effective software defenses
June 1, 2020
Journal Article
Published in:
SIGNAL Mag., 1 June 2020.
Topic:
R&D area:
R&D group:
Summary
Low-level embedded control systems are increasingly being targeted by adversaries, and there is a strong need for stronger software defenses for such systems. The cyber-physical nature of such systems impose real-time performance constraints not seen in enterprise computing systems, and such constraints fundamentally alter how software defenses should be designed and applied. MIT Lincoln Laboratory scientists demonstrated that current randomization-based defenses, which have low average-case overhead, can incur significant worst-case overhead that may be untenable in real-time applications, while some low-overhead enforcement-based defenses have low worst-case performance overheads making them more amenable to real-time applications. Such defenses should be incorporated into a comprehensive resilient architecture with a strategy for failover and timely recovery in the case of a cyber threat.
Summary
Low-level embedded control systems are increasingly being targeted by adversaries, and there is a strong need for stronger software defenses for such systems. The cyber-physical nature of such systems impose real-time performance constraints not seen in enterprise computing systems, and such constraints fundamentally alter how software defenses should be designed...
READ MORE
Automated discovery of cross-plane event-based vulnerabilities in software-defined networking
February 23, 2020
Conference Paper
Published in:
Network and Distributed Systems Security Symp., NDSS, 23-26 February 2020.
Summary
Software-defined networking (SDN) achieves a programmable control plane through the use of logically centralized, event-driven controllers and through network applications (apps) that extend the controllers' functionality. As control plane decisions are often based on the data plane, it is possible for carefully crafted malicious data plane inputs to direct the control plane towards unwanted states that bypass network security restrictions (i.e., cross-plane attacks). Unfortunately, because of the complex interplay among controllers, apps, and data plane inputs, at present it is difficult to systematically identify and analyze these cross-plane vulnerabilities. We present EVENTSCOPE, a vulnerability detection tool that automatically analyzes SDN control plane event usage, discovers candidate vulnerabilities based on missing event-handling routines, and validates vulnerabilities based on data plane effects. To accurately detect missing event handlers without ground truth or developer aid, we cluster apps according to similar event usage and mark inconsistencies as candidates. We create an event flow graph to observe a global view of events and control flows within the control plane and use it to validate vulnerabilities that affect the data plane. We applied EVENTSCOPE to the ONOS SDN controller and uncovered 14 new vulnerabilities.
Summary
Software-defined networking (SDN) achieves a programmable control plane through the use of logically centralized, event-driven controllers and through network applications (apps) that extend the controllers' functionality. As control plane decisions are often based on the data plane, it is possible for carefully crafted malicious data plane inputs to direct the...
READ MORE
The leakage-resilience dilemma
September 15, 2019
Conference Paper
Published in:
Proc. European Symp. on Research in Computer Security, ESORICS 2019, pp. 87-106.
Summary
Many control-flow-hijacking attacks rely on information leakage to disclose the location of gadgets. To address this, several leakage-resilient defenses, have been proposed that fundamentally limit the power of information leakage. Examples of such defenses include address-space re-randomization, destructive code reads, and execute-only code memory. Underlying all of these defenses is some form of code randomization. In this paper, we illustrate that randomization at the granularity of a page or coarser is not secure, and can be exploited by generalizing the idea of partial pointer overwrites, which we call the Relative ROP (RelROP) attack. We then analyzed more that 1,300 common binaries and found that 94% of them contained sufficient gadgets for an attacker to spawn a shell. To demonstrate this concretely, we built a proof-of-concept exploit against PHP 7.0.0. Furthermore, randomization at a granularity finer than a memory page faces practicality challenges when applied to shared libraries. Our findings highlight the dilemma that faces randomization techniques: course-grained techniques are efficient but insecure and fine-grained techniques are secure but impractical.
Summary
Many control-flow-hijacking attacks rely on information leakage to disclose the location of gadgets. To address this, several leakage-resilient defenses, have been proposed that fundamentally limit the power of information leakage. Examples of such defenses include address-space re-randomization, destructive code reads, and execute-only code memory. Underlying all of these defenses is...
READ MORE
Guest editorial: special issue on hardware solutions for cyber security
August 22, 2019
Journal Article
Published in:
J. Hardw. Syst. Secur., Vol. 3, No. 199, 2019.
Topic:
R&D area:
R&D group:
Summary
A cyber system could be viewed as an architecture consisting of application software, system software, and system hardware. The hardware layer, being at the foundation of the overall architecture, must be secure itself and also provide effective security features to the software layers. In order to seamlessly integrate security hardware into a system with minimal performance compromises, designers must develop and understand tangible security specifications and metrics to trade between security, performance, and cost for an optimal solution. Hardware security components, libraries, and reference architecture are increasingly important in system design and security. This special issue includes four exciting manuscripts on several aspects of developing hardware-oriented security for systems.
Summary
A cyber system could be viewed as an architecture consisting of application software, system software, and system hardware. The hardware layer, being at the foundation of the overall architecture, must be secure itself and also provide effective security features to the software layers. In order to seamlessly integrate security hardware...
READ MORE
A compact end cryptographic unit for tactical unmanned systems
July 11, 2019
Conference Paper
Published in:
Proc. SPIE 11021, Unmanned Systems Technology XXI, 11 July 2019, 1102101.
Topic:
R&D area:
R&D group:
Summary
Under the Navy's Flexible Cyber-Secure Radio (FlexCSR) program, the Naval Information Warfare Center Pacific and the Massachusetts Institute of Technology's Lincoln Laboratory are jointly developing a unique cybersecurity solution for tactical unmanned systems (UxS): the FlexCSR Security/Cyber Module (SCM) End Cryptographic Unit (ECU). To deal with possible loss of unmanned systems that contain the device, the SCM ECU uses only publicly available Commercial National Security Algorithms and a Tactical Key Management system to generate and distribute onboard mission keys that are destroyed at mission completion or upon compromise. This also significantly reduces the logistic complexity traditionally involved with protection and loading of classified cryptographic keys. The SCM ECU is on track to be certified by the National Security Agency for protecting tactical data-in-transit up to Secret level. The FlexCSR SCM ECU is the first stand-alone cryptographic module that conforms to the United States Department of Defense (DoD) Joint Communications Architecture for Unmanned Systems, an initiative by the Office of the Secretary of Defense supporting the interoperability pillar of the DoD Unmanned Systems Integrated Roadmap. It is a credit card-sized enclosed unit that provides USB interfaces for plaintext and ciphertext, support for radio controls and management, and a software Application Programming Interface that together allow easy integration into tactical UxS communication systems. This paper gives an overview of the architecture, interfaces, usage, and development and approval schedule of the device.
Summary
Under the Navy's Flexible Cyber-Secure Radio (FlexCSR) program, the Naval Information Warfare Center Pacific and the Massachusetts Institute of Technology's Lincoln Laboratory are jointly developing a unique cybersecurity solution for tactical unmanned systems (UxS): the FlexCSR Security/Cyber Module (SCM) End Cryptographic Unit (ECU). To deal with possible loss of unmanned...
READ MORE
Supporting security sensitive tenants in a bare-metal cloud
July 10, 2019
Conference Paper
Published in:
2019 USENIX Annual Technical Conf., 10-12 July 2019.
Topic:
R&D area:
R&D group:
Summary
Bolted is a new architecture for bare-metal clouds that enables tenants to control tradeoffs between security, price, and performance. Security-sensitive tenants can minimize their trust in the public cloud provider and achieve similar levels of security and control that they can obtain in their own private data centers. At the same time, Bolted neither imposes overhead on tenants that are security insensitive nor compromises the flexibility or operational efficiency of the provider. Our prototype exploits a novel provisioning system and specialized firmware to enable elasticity similar to virtualized clouds. Experimentally we quantify the cost of different levels of security for a variety of workloads and demonstrate the value of giving control to the tenant.
Summary
Bolted is a new architecture for bare-metal clouds that enables tenants to control tradeoffs between security, price, and performance. Security-sensitive tenants can minimize their trust in the public cloud provider and achieve similar levels of security and control that they can obtain in their own private data centers. At the...
READ MORE
Security considerations for next-generation operating systems for cyber-physical systems
April 15, 2019
Conference Paper
Published in:
1st Intl. Workshop on Next-Generation Operating Systems for Cyber-Physical Systems, NGOSCPS, 15 April 2019.
Topic:
R&D area:
R&D group:
Summary
Cyber-physical systems (CPSs) are increasingly targeted in high-profile cyber attacks. Examples of such attacks include Stuxnet, which targeted nuclear centrifuges; Crashoverride, and Triton, which targeted power grids; and the Mirai botnet, which targeted internet-of-things (IoT) devices such as cameras to carry out a large-scale distributed denial-of-service (DDoS) attack. Such attacks demonstrate the importance of securing current and future cyber-physical systems. Therefore, next-generation operating systems (OSes) for CPS need to be designed to provide security features necessary, as well as be secure in and of themselves. CPSs are designed with one of three broad classes of OSes: (a) bare-metal applications with effectively no operating system, (b) embedded systems executing on impoverished platforms running an embedded or real-time operating system (RTOS) such as FreeRTOS, or (c) more performant platforms running general purpose OSes such as Linux, sometimes tuned for real-time performance such as through the PREEMPT_RT patch. In cases (a) and (b), the OS, if any, is very minimal to facilitate improved resource utilization in real-time or latency-sensitive applications, especially running on impoverished hardware platforms. In such OSes, security is often overlooked, and many important security features (e.g. process/kernel memory isolation) are notably absent. In case (c), the general-purpose OS inherits many of the security-related features that are critical in enterprise and general-purpose applications, such as virtual memory and address-space layout randomization (ASLR). However, the highly complex nature of general-purpose OSes can be problematic in the development of CPSs, as they are highly non-deterministic and difficult to formally reason about for cyber-physical applications, which often have real-time constraints. These issues motivate the need for a next generation OS that is highly capable, predictable and deterministic for real-time performance, but also secure in the face of many of the next generation of cyber threats. In order to design such a next-generation OS, it is necessary to first reflect on the types of threats that CPSs face, including the attacker intentions and types of effects that can be achieved, as well as the type of access that attackers have. While threat models are not the same for all CPSs, it is important to understand how the threat models for CPSs compare to general-purpose or enterprise computing environments. We discuss these issues next (Sec. 2), before providing insights and recommendations for approaches to incorporate in next-generation OSes for CPS in Sec. 3.
Summary
Cyber-physical systems (CPSs) are increasingly targeted in high-profile cyber attacks. Examples of such attacks include Stuxnet, which targeted nuclear centrifuges; Crashoverride, and Triton, which targeted power grids; and the Mirai botnet, which targeted internet-of-things (IoT) devices such as cameras to carry out a large-scale distributed denial-of-service (DDoS) attack. Such attacks...
READ MORE
Secure input validation in Rust with parsing-expression grammars
January 1, 2019
Thesis
Published in:
Thesis (M.E.)--Massachusetts Institute of Technology, 2019.
Topic:
R&D area:
R&D group:
Summary
Accepting input from the outside world is one of the most dangerous things a system can do. Since type information is lost across system boundaries, systems must perform type-specific input handling routines to recover this information. Adversaries can carefully craft input data to exploit any bugs or vulnerabilities in these routines, thereby causing dangerous memory errors. Including input validation routines in kernels is especially risky. Sensitive memory contents and powerful privileges make kernels a preferred target of attackers. Furthermore, the fact that kernels must process user input, network data, as well as input from a wide array of peripheral devices means that including such input validation schemes is unavoidable. In this thesis we present Automatic Validation of Input Data (AVID), which helps solve the issue of input validation within kernels by automatically generating parser implementations for developer-defined structs. AVID leverages not only the unambiguity guarantees of parsing expression grammars but also the type safety guarantees of Rust. We show how AVID can be used to resolve a manufactured vulnerability in Tock, an operating system written in Rust for embedded systems. Using Rust’s procedural macro system, AVID generates parser implementations at compile time based on existing Rust struct definitions. AVID exposes a simple and convenient parser API that is able to validate input and then instantiate structs from the validated input. AVID's simple interface makes it easy for developers to use and to integrate with existing codebases.
Summary
Accepting input from the outside world is one of the most dangerous things a system can do. Since type information is lost across system boundaries, systems must perform type-specific input handling routines to recover this information. Adversaries can carefully craft input data to exploit any bugs or vulnerabilities in these...
READ MORE
Security and performance analysis of custom memory allocators
January 1, 2019
Thesis
Published in:
Thesis (M.E.)--Massachusetts Institute of Technology, 2019.
Topic:
R&D area:
R&D group:
Summary
Computer programmers use custom memory allocators as an alternative to built-in or general-purpose memory allocators with the intent to improve performance and minimize human error. However, it is difficult to achieve both memory safety and performance gains on custom memory allocators. In this thesis, we study the relationship between memory safety and custom allocators. We analyze three popular servers, Apache, Nginx, and Appweb, and show that while the performance benefits might exist in the unprotected version of the server, as soon as partial or full memory safety is enforced, the picture becomes much more complex. Based on the target, using a custom memory allocator might be faster, about the same, or slower than the system memory allocator. Another caveat is that custom memory allocation can only be protected partially (at the allocation granularity) without manual modification. In addition, custom memory allocators may also introduce additional vulnerabilities to an application (e.g., OpenSSL Heartbleed). We thus conclude that using custom memory allocators is very nuanced, and that the challenges they pose may outweigh the small performance gains in the unprotected mode in many cases. Our findings suggest that developers must carefully consider the trade-offs and caveats of using a custom memory allocator before deploying it in their project.
Summary
Computer programmers use custom memory allocators as an alternative to built-in or general-purpose memory allocators with the intent to improve performance and minimize human error. However, it is difficult to achieve both memory safety and performance gains on custom memory allocators. In this thesis, we study the relationship between memory...
READ MORE