Automatic Discovery of Protocol Manipulation Attacks in Large Scale Distributed Systems Implementations
Most distributed systems are designed to meet application-prescribed metrics that ensure availability and high-performance. However, attacks can significantly degrade performance, limiting the practical utility of these systems in adversarial environments. Specifically, compromised participants can manipulate protocol semantics through attacks that target the messages exchanged with honest participants. Finding attacks against performance in distributed systems implementations is a very challenging task due to (1) state-space explosion that occurs as attackers are more realistically modeled, (2) diversity of programming language, software, operating systems and the subtle interactions between the software components, (3) diversity of communication channels (wired or wireless communication, TCP or UDP, encrypted or not-encrypted), (4) difficulty of expressing performance as an invariant in the system, (5) difficulty of capturing real-world performance in a reproducible way, not only the system performance but the network conditions when that performance was obtained. This project aims to build an easy-to-use and maintain, low cost platform to find reproducible, real, high-impact, malicious performance attacks on distributed systems implementations in realistic environment.
Many networking protocols have been designed without security in mind, and many cryptographic schemes have been designed without practical deployments in mind. Moreover, most of security-enhanced communication protocols still lack the provable-security treatment and hence the security guarantees. This project aims at bridging the gap between protocol design, implementation, deployment, and security guarantees by developing a novel general security framework that facilitates the provable-security analyses of practical networking protocols. The project has an interdisciplinary approach as it combines concepts from applied cryptography and algorithms with implementation and empirical analyses to provide a unifying framework for studying and developing secure communication protocols. This joint design effort yields both new cryptographic foundations and fundamentally secure networking protocols. >
As organizations collect increasingly large amounts of security logs, this data can be used proactively for breach prevention and mitigation. Security analytics is defined as the applications of machine learning and data mining in cyber security. We are actively working on new techniques to extract meaningful intelligence from different data sources, and detect security-related anomalies with high accuracy and low false positive rates. Of particular interest are stealthy attacks such as advanced persistent threats (APTs) and insider threats ? difficult to detect in general with existing technologies. We are designing analytics-based security services within an organization perimeter that complement existing defenses by analyzing large amounts of security logs in real-time and generating prioritized alerts of suspicious activities.
With all their economical advantages, the shared, large-scale cloud infrastructure introduces new security threats, and also amplifies well-known security risks. This project is focused on designing techniques to protecting cloud users against emerging threats experienced by public clouds. Currently, we are building a monitoring infrastructure for the Massachusetts Open Cloud (MOC) in collaboration with researchers from Boston University. We instrument all cloud layers including physical, virtual, cloud management and network and design a flexible architecture that carefully calibrates the tension between transparency and privacy risks imposed on cloud users. We plan to apply machine learning techniques to profile legitimate activities and detect a wide range of attacks against the cloud such as data leakage, account compromise and abuse of cloud services.
Machine learning has numerous applications to security and privacy. For example, intrusion detection systems use signatures to detect known attacks, email systems use Bayesian filters to detect spam, several protocols use spatial-temporal outlier detection, decision trees, or support vector machines (SVM) to filter malicious data or detect attacks. While machine learning techniques have been very useful in defending against attacks where adversaries are not knowledgeable of the intricacies of the defense techniques themselves, they are less effective in the presence of adaptive and smart adversaries that exploit the specifics of machine learning defenses in an attempt to bypass them or to make them less useful because of a high number of false alarms. In this project we focus on machine learning techniques that have to operate in the presence of a diverse class of adversaries with sophisticated capabilities. The overarching goal of the project is to understand the attack-defense space when machine learning is used for security and privacy applications, identify the vulnerabilities and limitations of different machine learning approaches, and propose solutions to address them.
This project combines expertise from natural language processing and network security to create and build a framework for vulnerability discovery in network protocols, by leveraging semantic interpretation of textual specification, automated attack generation and injection, and property model checking for software implementations. The framework consists of two phases, a knowledge building phase and a vulnerability finding phase. In the knowledge building phase, semantic interpretation NLP techniques is applied to structured text (RFCs and documentation) and unstructured text (blogs, forums, and bug reports) to learn structured information about protocols such as: message formats, protocol state machine, constraints, etc. In the second phase the information learned in the knowledge phase is applied to two mechanisms for vulnerability finding, the first uses the structured protocol information to create and inject attacks, and the second uses the same information to derive protocol requirements and use them to model check finite state machines extracted from protocol implementations.
Vehicular networks present tremendous opportunities to increase safety through applications such as collision avoidance or traffic and congestion control by means of vehicle-to-vehicle and vehicle-to-infrastructure communication. In order to ensure the successful adoption of these applications connected vehicles networks have to address the same major concerns that all form of communications have in terms of security, from bootstrapping trust to ensuring authentication and integrity of the communication, to more complex issues as these services and networks are going to interact with each other and with other networks including the Internet. In this project, our overarching goal is examine the main threats in connected vehicles applications under different adversarial models and deployments.
Software-defined infrastructure (SDI) is a paradigm where the configuration and management of the infrastructure are controlled through software with limited (or no) manual intervention. It generalizes the concept of software-defined networking (SDN) to include application requirements from the infrastructure. Security is critical for SDI given the automated nature of its management and the numerous vulnerabilities introduced by many implementations. In this project, we focus on understanding the full spectrum of security and fault-tolerance requirements in SDI and propose practical solutions.