Prof. Fred Chong receives NSF Cybertrust grant on malware defense
Prof. Fred Chong, along with Profs. Zhendong Su and Felix Wu (UC Davis),
has been awarded a $750,000 NSF grant on malware defense, titled
“A Vertical Systems Framework for Effective Defense against Memory-based Attacks”.
Abstract:
The security of national information infrastructures is undermined by
constant malicious attacks exploiting vulnerabilities in systems
software. Most existing attacks exploit memory-based flaws, such as
stack or heap overflows, and format string vulnerabilities. Current
defense mechanisms, either network- or host-based, are not sufficient
against many advanced attacks such as polymorphic or metamorphic worm
exploits. This project is to provide a comprehensive framework for
detecting, analyzing, and exterminating such attacks. The PIs take an
interdisciplinary approach, combining their expertise in computer
architecture, computer and network security, programming languages,
compilers, and software engineering to tackle this difficult problem. In
particular, the PIs propose a layered defense and analysis framework
that consists of: (1) an architecture layer for detecting and recovering
from unknown attacks; (2) an analysis layer for diagnosing attacks and
generating attack signatures; and (3) a testing layer for discovering
and fixing unknown software vulnerabilities. The intellectual merit of
this project will lie in the advanced techniques developed in this
project to defend against unknown, large-scale memory-based attacks.
This interdisciplinary project will allow an effective approach to
tackle this problem and advance knowledge in each of the requisite
disciplines with both novel systems concepts and advanced programming
language and analysis techniques. The broader impact of this project is
the potential for a more reliable and secure information systems
infrastructure. This will have tremendous economical impact on society
because of our growing reliance on information technologies. Research
results from this project (such as systems, simulators, and tools) will
be widely disseminated so that they can be further evaluated, enhanced,
and adopted to benefit other researchers and the industry.