Trustworthy Systems from Un-Trusted Components - - PowerPoint PPT Presentation

Trustworthy Systems from Un-Trusted Components

PRESENTED BY PROF. ABHIK ROYCHOUDHURY NATIONAL UNIVERSITY OF SINGAPORE ABHIK@COMP.NUS.EDU.SG

http://www.comp.nus.edu.sg/~tsunami

2

Vulnerability Discovery Binary Hardening Verification Data Protection

Agency Collaboration Industry Collaboration Education – NUS (Bachelors in Infosec)

Research Outputs – Publications, Tools, Academic Collaboration, Exchanges, Seminars, Workshops Enhancing local capabilities

Ongoing NRF Project Overall Outlook

Project Highlights

Usage and Research impact

• Integration to widely used tools like AFL with active user groups
• DARPA CGC binaries – finds crashes faster >10 times
• Integrated into the most widely used security testing tool
• Angelix tool on automated program repair
• Security Vulnerabilities remain un-patched for long ….

Research Visibility

• Invited talks at Summer School on Information Security and many other venues
• IEEE Innovation Spotlight 2018 from among all IEEE article.

Educational Impact

• Degree Program in Infosec at NUS started concurrently
• Modules being created using outcomes of the project
• Hands-on CTF education in existing classes using project outcomes.

3

Scholarly Impact

• High-citation trend
• Data oriented programming, April 2016 [FWCI 22.89]
• Angelix paper on automated program repair, May 2016 [FWCI 26.09]
• Home run papers with field weighted citation impact > 20
• Dagstuhl work-shop on Automated Repair organized – January 2017
• Recent Invited talks
• Distinguished Lecture at Luxembourg S&T center, January 2017
• KLEE workshop on Symbolic Execution, April 2018
• 9th International Summer School on Information Security and Protection July 2018
• https://cs.anu.edu.au/cybersec/issisp2018/
• Publications: CCS, NDSS, Usenix Security, S&P, ICSE, FSE

4

Highlights

Sample Technologies from TSUNAMi

AFLFast — 10x faster than AFL

• 1st place @ Hackernews
• 2nd place @ DARPA CGC (Team Codejitsu)
• 6 CVEs @ US National Vulnerability Database (initial count
• nly during publication)
• 180 stars @ Github (+90 forks)
• 2000 USD @ Google Security bug bounties
• Integrated into main-line AFL

AFLGo — 1st directed greybox fuzzer

• 17 CVEs @ US National Vulnerability Database
• 39 bugs @ security-critical internet libraries (libxml)
• 41 stars @ Github (9 forks)
• Outperforms state-of-the-art in patch testing (KATCH)
• Outperforms state-of-the-art in crash reproduction (BugRedux)

5

PRESENTATION TO NRF EXPERT PANEL, FEB 23, 2018

LowFat — Efficient Binary Hardening Detects stack/buffer overflows and type confusion attacks 17% performance overhead (vs. 45% state-of-the-art) 12% memory overhead (vs. 700% state-of-the-art) Integratedwith AFLFast and AFLGo to detect more vulnerabilities more efficiently! 1

6

Secure Smart Nation Infra-structure

Certification of software for IoT devices in smart home, smart health, robots/drones Focus on environment aware functionality certification, but also weave in non-functional properties Capabilities for such certification exist in NUS, and some partnerships for translation, but more may be needed.

TSUNAMi project

TSUNAMi Project

• Reactive Software Security (WP1)
• Automated Vulnerability Detection
• Automated Vulnerability Repair
• Proactive Software Security (WP2 + WP3)
• Automated Hardening
• Automated Protocol Verification
• Assuming Compromised Operating System (WP4)
• Ensuring Secure Application Execution

WP1: Binary Analysis

• Directed Fuzzing as an optimization problem (No constraint solving)
• Program analysis moved to instrumentation time

to retain efficiency of greybox fuzzing.

• Distance to targets efficiently computed at runtime.
• Find global minimum using search meta-heuristic – Simulated Annealing
• Results: outperforms KATCH and BugRedux. 17 CVEs assigned
• Application: patch testing, crash reproduction, information flow analysis

AFLGo: Directed Greybox Fuzzing

[CCS’17]

• Model Greybox Fuzzing as Markov chain
• Design power schedules to regulate the “energy” to gravitate path

exploration towards low-frequency paths

• Results & Impact
• 10x faster than the state of the art

Received 2000 USD @Google bug bounty

• Outperforms KLEE on vulnerability detection
• 2nd place (on vulnerability detection)

@DARPA CGC (Team Codejitsu)

• 6 CVEs

AFLFast: Coverage-based Greybox Fuzzing

[CCS’16, TSE’18]

• Point-of-failure and Call-stack based Bucketing do not take program

semantics into account leading to over-condensing, send-bucket and long- tail problems

• Our symbolic analysis based solution
• Identify culprit constraint
• Use culprit constraint as semantic “reason” of failure
• Group failing paths having same “reason” together

Bucketing Failing Test via Symbolic Analysis

p1 f1 f2 f3 f4

x x x

b2 b1 b4 b3 b5

Culprit constraint [FASE’17]

Automated Program Repair

12

1 int search(int x, int a[], int length) { 2 int i; 3 for (i=0; i<length; i++) { 4 if (x == a[i]) 5 return i; 6 } 7 return −1; 8 } (a) Correct linear search 1 int search(int x, int a[], int length) { 2 int L = 0; 3 int R = length-1; 4 do { 5 int m = (L+R)/2; 6 if (x == a[m]) { 7 return m; 8 } else if (x < a[m]) { // bug fix: x > a[m] 9 L = m+1; 10 } else { 11 R = m-1; 12 } 13 } while (L <= R); 14 return -1; 15 } (b) Buggy binary search

User-defined condition: length = 3 & a[0] < a[1] < a[2] Verification condition Experiments on embedded Linux Busybox

SemGraft (ICSE18)

13

Verification condition Counterexample Is SAT? Negate Patch found Buggy program Is SAT? Angelic forest Is SAT? Component library Candidate patch No Yes Yes Yes Buggy program Reference program Symbolic analysis

WP2: Binary Hardening

• EffectiveSan is a comprehensive dynamic type checker for C/C++ programs
• Key observation: most C/C++ vulnerabilities are type errors:
• EffectiveSan directly detects the following classes of error:
• Type errors (type confusion, bad casts, etc.)
• Bounds errors (buffer overflows, etc.)
• Sub-object bounds errors (overwriting vptrs, etc.)
• Use-after-free, reuse-after-free, and double free errors

EffectiveSan: Dynamically Typed C/C++

[PLDI’18]

• EffectiveSan stores meta data (META) at the base of all objects
• Given p into object q, use low-fat pointer base(p) to find (META)
• (META) stores the dynamic type which is checked at runtime

How EffectiveSan Works

LOW FAT

[PLDI’18]

WP3: Formal Verification

• The interaction between components is termed as protocols
• E.g., Single-Sign-On (SSO) protocol: the communication among a browser, a web

server and a website using SSO service

Communication as protocol

A.com

Username&password User (Client) Identity Provider (IdP) Access token Access token login

• Developed a framework to extract protocols from messages and perform

formal analysis

• Protocol extraction
• Protocol modelling
• Model verification
• Result confirmation

Communication as protocol

Modelling Protocol Extraction Analysis Protocol Modelling Refine Finished? Repeat Refinement Attacker Model Protocol Fuzzing Model Formal Verification Report Report Analysis Confirmed vulnerability Reconstruct Attack Attacker Model SDK Analysis Security Property Network Traces N Y Refined Protocol Verification

• Formal verification of the communication/protocols are necessary
• Protocols, especially security protocols, are error-prone
• Model checking based on PAT (Process Analysis Toolkit)
• Protocol: CSP# model
• Security properties: assertions or LTL
• Built a PAT library for modelling

cryptographic primitives and reasoning on attacker knowledge bounded sessions

Formal verification of protocols

[ICFEM‘17]

• Verification of security protocols with unbounded sessions
• Stateful security protocols - global states which influence the protocol behavior

and may unboundedly evolving

• Developed a specification framework based on horn clauses
• Developed a verification algorithm for verifying stateful security protocols with

unbounded evolving of global states

Formal verification of protocols

YES NO OR Represent as horn clauses with states Deduction of a targeted rule

Stateful protocol

protocol state change influence

Reasoning

• Knowledge forward

search for the attacker

• State backward search to

find a valid evolving trace

Specification Framework Verification Algorithm Result

[ICFEM‘17]

WP4: Sensitive Data Protection

Constant Latency Read-Only ORAM

§Leakage via data access patterns is common §Oblivious RAM incurs at best O(log N) overhead for read/write accesses §Key Insight: For read-only data, shuffle & access steps can be parallelized §Our Approach: With √N trusted hardware (SGX) cores on the server

§ Distribute work in each shuffle step to multiple threads § This matches the rate of access and shuffle operations

§Result: Constant latency with sufficient computational cores (80 threads)

§ 0.3 seconds to fetch a block of 256 KB

RQ: Can we achieve “constant latency” for specific case in real applications?

Encrypted RAM Encrypted Cloud Storage Peer-to-peer/ Distributed system Secret keys

User queries Online Behavior

Photos Music PDFs Videos

• Micro-containers with
• Targeted 20K-30K lines of code of TCB
• Unlike LibOSes, Panoply doesn’t virtualize the namespace

Panoply: Micro-containers for SGX

[NDSS’17]

• Tool-chain and OS support for new security
• Primitives and encrypted computation
• Panoply prototype
• Security primitives supporting application execution
• Limited SDK, Compiler, and library support
• Currently tested for 4 case studies

Panoply: Micro-containers for SGX

[NDSS’17]

• HTTP/2 Webserver with priviledge separattion

to prevent Neverbleed

H2O

• Distributed Anonymous Network

TOR

• Database streaming application

FreeTDS

• Popular SSL/TLS and cryptographic library

OpenSSL