UCSB Verification Lab (VLab) Discovers a New Type of Security Vulnerability
In two recent papers to be presented at the IEEE Symposium on Security and Privacy (S&P) and the International Conference on Software Engineering (ICSE), Tegan Brennan, a PhD student in VLab, and her advisor and director of VLab, Prof. Tevfik Bultan, report a new type of side channel that leaks information in modern software systems. S&P and ICSE are the top publication venues in computer security and software engineering research, respectively.
Side channels are a class of information leaks where secret information can be captured through the observation of non-functional side effects of software systems. For example, an attacker might gain knowledge about sensitive data by observing a system’s execution time, memory usage, the size and timing of its network packets, or its power consumption.
We trust computer systems with our sensitive data daily. Apps might store and handle our banking information, medical diagnoses and personal identification credentials. Providing this data to online systems makes our lives more convenient, but means that we are reliant on the security of these systems to protect our privacy. Unfortunately, cyber-attacks stealing confidential information are becoming increasingly frequent and devastating. Many software development practices, such as the encryption of packets sent over a network, aim to protect the confidentiality of private data. Under these protections, the software system’s main communication channels, such as the content of the network packets it sends or the output it writes to a public file, should not leak information about private data. However, many software systems still contain serious security vulnerabilities due to side channels.
In a follow-up paper titled “JVM Fuzzing for JIT-Induced Side-Channel Detection” that was accepted to be presented at the 42nd International Conference on Software Engineering (ICSE 2020), Tegan Brennan, Seemanta Saha (a PhD student at VLab) and Prof. Bultan describe an automated approach for detection and evaluation of JIT-induced side channels in programs. Their approach allows software developers to automatically evaluate whether a Java program might be vulnerable to this class of side channels and under what runtime conditions the program is susceptible. This approach allows a developer to detect JIT-induced side channels automatically, before a software system is deployed and can be exploited. Tegan Brennan and Prof. Bultan are currently working on mitigation techniques that would eliminate JIT-induced side channels in programs once they are detected, without sacrificing the performance of the program.