Software vulnerabilities have been the biggest culprit behind cyber attacks in the past several years. A handful of vulnerability classes, such as buffer overflows, format string bugs, SQL injection, command injection, cross-site scripting, and directory traversal, have come to dominate, accounting for about 70% of the CVE vulnerabilities reported in the last two years. Although these vulnerabilities are well understood and documented, their number continues to escalate from one year to the next. New vulnerabilities continue to be discovered in recently released software as well as in established software.
This project will develop novel techniques for defending applications against known as well as unknown attacks, and for immunizing applications against future instances of an attack. The proposed approach can thus protect the integrity as well as the availability of vulnerable applications. Its central component is an efficient fine-grained dynamic taint analysis that tracks the flow of untrusted information through a vulnerable program. Both specification-based and anomaly-based attack detection techniques can be made highly versatile and accurate by using fine-grained taint information, and can stop the wide range of attacks mentioned above. Taint analysis will also form the basis of an immunization technique that learns input filters characterizing attack-bearing inputs and selectively discards such inputs.
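As an added illustration of the mechanism described above (example code written for this page, not the project's own prototype; the class and function names are hypothetical and the sample inputs are constructed), the following Python tracks one taint bit per character, propagates it through concatenation and slicing, enforces a specification-based policy at a shell-command sink (untrusted bytes may fill argument contents but may not supply shell metacharacters or the command name), and then derives an input filter from the bytes that triggered the violation, so the same attack-bearing input is discarded before it reaches the vulnerable code on the next request.

```python
"""Byte-granularity dynamic taint tracking with a policy check at a shell sink
and a filter learned from the blocked input. Example code written for this
page (hypothetical names), not the project's own prototype."""
import re
from dataclasses import dataclass

# Characters that change the syntactic structure of a shell command line.
SHELL_META = set(";|&$`()<>\n")


@dataclass(frozen=True)
class Tainted:
    """A string plus one taint bit per character (True = derived from untrusted input)."""
    data: str
    taint: tuple

    @classmethod
    def trusted(cls, s):
        return cls(s, (False,) * len(s))

    @classmethod
    def untrusted(cls, s):
        return cls(s, (True,) * len(s))

    def __add__(self, other):
        # Concatenation: every output character keeps the taint of its source character.
        if not isinstance(other, Tainted):
            other = Tainted.trusted(other)
        return Tainted(self.data + other.data, self.taint + other.taint)

    def __radd__(self, other):
        return Tainted.trusted(other) + self

    def __getitem__(self, idx):
        # Slicing propagates taint positionally, so code that trims or copies
        # parts of the input cannot launder the characters it keeps.
        if isinstance(idx, slice):
            return Tainted(self.data[idx], self.taint[idx])
        return Tainted(self.data[idx], (self.taint[idx],))


class TaintPolicyViolation(Exception):
    """Raised at a sink when untrusted bytes would alter command structure."""


def check_shell_command(cmd):
    """Specification-based policy for a system()/popen()-style sink: untrusted
    bytes may fill argument contents, but they must not be shell metacharacters
    and must not appear in the command name (the first token). Returns the
    plain command string if the policy holds, else raises with the offending
    (position, character) pairs."""
    m = re.match(r"(\s*)(\S*)", cmd.data)
    name_start, name_end = m.start(2), m.end(2)
    offending = [
        (i, ch)
        for i, (ch, tainted) in enumerate(zip(cmd.data, cmd.taint))
        if tainted and (ch in SHELL_META or name_start <= i < name_end)
    ]
    if offending:
        raise TaintPolicyViolation(offending)
    return cmd.data


def learn_filter(offending):
    """Immunization step: characterize the attack-bearing input by the bytes
    that triggered the violation, and return a filter that rejects any future
    input containing one of them. A real learned filter would be more
    selective (e.g. per input field); this is the simplest instance."""
    bad = {ch for _, ch in offending}
    return lambda raw: not any(ch in bad for ch in raw)


def build_listing_command(user_path):
    """The vulnerable program logic: an untrusted path spliced into a shell command."""
    return "ls -l " + Tainted.untrusted(user_path)


def run(user_path, input_filter=None):
    """Drive one request. Returns ("filtered", None) if a learned filter dropped
    the input, ("ok", command) if the taint policy held, or ("blocked", offending)
    if the sink check stopped an attack."""
    if input_filter is not None and not input_filter(user_path):
        return ("filtered", None)
    cmd = build_listing_command(user_path)
    try:
        return ("ok", check_shell_command(cmd))
    except TaintPolicyViolation as exc:
        return ("blocked", exc.args[0])


if __name__ == "__main__":
    # Constructed sample inputs: a benign path and a command-injection attempt.
    print(run("/tmp"))                         # benign request passes
    status, offending = run("/tmp; rm -rf /")  # ';' is tainted -> blocked at the sink
    print(status, offending)
    immunized = learn_filter(offending)
    print(run("/tmp; rm -rf /", immunized))    # same attack now dropped before the sink
    print(run("/var/log", immunized))          # benign traffic still served
```

The policy is deliberately structural rather than signature-based: a tainted `/tmp` is fine because it only fills an argument, while a tainted `;` or a tainted command name changes what the shell executes, which is exactly what a command-injection exploit needs. The learned filter trades some precision for the ability to stop the attack before the vulnerable code runs at all.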
The proposed work can address the multi-billion dollar losses experienced due to cyber attacks, since it can stop most types of exploits before they cause damage. To maximize impact, the techniques developed in the project will be implemented as open-source software prototypes.