CAREER: Countering Emerging Software Threats with Adaptive Hardening, Debloating, and Hardware-assisted Protection

Today's large and complex software systems are plagued with vulnerabilities that allow perpetrators to exploit it for profit. Of all the different kinds of exploitable software weaknesses, memory errors -- i.e., bugs that can be (ab)used by attackers, via crafty inputs, to corrupt or leak memory contents -- have been particularly pernicious to deal with.

Developers and security engineers are unable to keep up with the sheer number of security errors (e.g., memory errors) being exploited that need patching. The focus of this project is on adapting software defenses to the specific deployment environment, as that environment changes due to new functionality and new threats. The project will produce open source prototypes of tools to automate the adaptation of defenses, thereby increasing the effectiveness of the defenses while radically reducing the human effort involved in defending against new threats as they arise.

The objective is to enable more effective, sophisticated defenses by automating the customization of defenses to fit the deployment environments. The resulting techniques and tools will contribute to the next-generation security architecture that enables software defenses to be constantly in flux to provide robust software protection mechanisms.

The project consists of three synergistic thrusts under the umbrella of adaptive security: adaptive hardening, hardware-assisted adaptive protection and adaptive debloating. The project will investigate techniques to enable software systems to dynamically adapt their defenses and functionality along several dimensions. Techniques for binary rewriting and program hardening will be enhanced to support adaptability.

Adaptive hardening will equip binaries with rich metadata including call graphs and types. Static binary rewriting performs install-time, load-time, and runtime adaptations. Hardware-assisted adaptive hardening uses hardware features such as Intel's CET for adaptive hardening; Finally, unused code is removed by automating debloating.

There are several benefits of an adaptive approach to software security. First, the capability to be agile in software hardening creates a diversified and unpredictable environment, which hinders the ability of adversaries to use canned recipes to bypass exploit mitigations. Second, hardening rectification allows software to make the best use of the hardening capabilities that a particular setting offers, while dynamically adapting the deployed defenses to meet changing needs.

The outcomes of this research will improve the state-of-the-art in defense against emerging software threats, and alleviate the concerns of the broader security community regarding hurdles (e.g., performance, compatibility) that until now have prevented the deployment of protections with guaranteed security properties. The project will develop and share new knowledge through cybersecurity and computer science curricula, and more broadly thought workshops and seminars for high school students and science educators.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.