This award is funded under the American Recovery and Reinvestment Act of 2009 (Public Law 111-5).
Software security attack prevention, which addresses threats posed by software vulnerabilities and malicious software, is important for modern computing, especially for embedded systems. Despite widespread research efforts, the increasing complexity of software and the sophistication and ingenuity of software attacks have led to a constant need for innovation. Some of the shortcomings of conventional techniques are insufficient detection accuracy (false positives/negatives) and high performance penalties.
In this project, a new methodology will be investigated for detecting and preventing malicious code execution and software vulnerability exploits, with the potential to significantly improve accuracy and efficiency beyond current techniques. It will leverage recent advances in related areas, such as virtualization and dynamic binary instrumentation, which enable efficient creation of isolated execution environments and dynamic monitoring and analysis of program execution. The key aspects of the project are safe post-execution analysis to detect violations of specific security policies, derivation of a hybrid model that represents a dynamic control of the program/data flow in terms of regular expressions and data invariants, run-time prevention of malicious behavior, and several software/hardware enhancements for efficiently deploying the defense framework on embedded systems.
The methodologies will be disseminated through research articles, and the software tools developed will be placed on the World Wide Web. Undergraduates will be encouraged to carry out independent research projects on this topic. Princeton encourages applications from female and minority students through special fellowships, which will be leveraged. Several other outreach activities are also planned for promoting education among underrepresented high school students.