1) Embedded Systems and IoT Security
Embedded systems (ES), cyber-physical systems (CPS) and internet-of-things (IoT) devices have percolated into many aspects of daily life, such as households, offices, buildings, factories, and vehicles. This trend of “smartification” of devices that were previously analog (or at least not connected) brings many obvious benefits. However, it also expands the attack surface and turns these newly computerized gadgets into natural and attractive targets for attacks, especially malware infestations. Unfortunately, security is typically not a key priority for device manufacturers, due to cost, size, or power constraints. It is thus unrealistic to expect such devices to have the means to prevent current and future malware attacks. The next best thing is detection of malware presence, which typically requires some form of Remote Attestation.
In this project, we look into different aspects of Remote Attestation, including its use in safety-critical/real-time settings and the time-of-check-to-time-of-use (TOCTOU) issue. We also use Remote Attestation as a building block to design and implement other security services such as secure code update, secure system reset, secure memory erasure, and secure code execution. In addition, we are interested in applying formal methods to ensure security guarantees in both the design and implementation of the proposed security services.
2) Differential Privacy
3) Legacy Cryptographic Binaries
Implementation flaws in cryptographic libraries, design flaws in underlying cryptographic primitives, and weaknesses in protocols using both can all lead to exploitable vulnerabilities in software. Manually fixing such issues is challenging and resource-consuming, especially when maintaining legacy software that contains broken or outdated cryptography, and for which source code may not be available. While there is existing work on identifying cryptographic primitives (often in the context of malware analysis), none of this prior work has focused on replacing such primitives with stronger (or more secure) ones after they have been identified.
In this project, we explore the feasibility of designing and implementing a toolchain for Augmentation and Legacy-software Instrumentation of Cryptographic Executables (ALICE). The key features of ALICE are: (i) automatically detecting and extracting implementations of weak or broken cryptographic primitives from binaries without requiring source code or debugging symbols, (ii) identifying the context and scope in which such primitives are used, and performing program analysis to determine the effects of replacing such implementations with more secure ones, and (iii) replacing implementations of weak primitives with those of stronger or more secure ones.
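One generic way to approach the detection step in feature (i), given here as an added example that is not ALICE's code or method: scan a stripped binary for the published MD5 and SHA-1 constants in either byte order. The signature table, the `window` clustering heuristic and the sample bytes are assumptions constructed for illustration.

```python
import struct

# Published constants from the MD5 (RFC 1321) and SHA-1 (FIPS 180) specifications.
# Both hashes share the first four initial values, so those alone prove nothing.
SHARED_INIT = (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476)
SIGNATURES = {
    # shared init values plus the first four sine-table round constants
    "MD5": SHARED_INIT + (0xD76AA478, 0xE8C7B756, 0x242070DB, 0xC1BDCEEE),
    # shared init values plus the fifth init word and the four round constants
    "SHA-1": SHARED_INIT + (0xC3D2E1F0, 0x5A827999, 0x6ED9EBA1,
                            0x8F1BBCDC, 0xCA62C1D6),
}

def find_constant(blob, value):
    """Return every offset where the 32-bit value occurs, in either byte order."""
    hits = set()
    for fmt in ("<I", ">I"):
        needle = struct.pack(fmt, value)
        pos = blob.find(needle)
        while pos != -1:
            hits.add(pos)
            pos = blob.find(needle, pos + 1)  # unaligned hits count too
    return sorted(hits)

def scan(blob, window=4096):
    """Map primitive name -> (start, end) byte span where all of its constants
    cluster within `window` bytes (heuristic; window size is an assumption)."""
    findings = {}
    for name, consts in SIGNATURES.items():
        hits = [find_constant(blob, c) for c in consts]
        if not all(hits):          # at least one constant is missing entirely
            continue
        for anchor in hits[-1]:    # last constant is unique to this primitive
            near = [min(h, key=lambda o: abs(o - anchor)) for h in hits]
            if max(near) - min(near) <= window:
                findings[name] = (min(near), max(near) + 4)
                break
    return findings

def make_sample():
    """Constructed stand-in for a stripped binary: each MD5 constant appears as
    a little-endian immediate after a fake opcode byte, between padding."""
    body = b"".join(b"\xb8" + struct.pack("<I", c) for c in SIGNATURES["MD5"])
    return b"\x90" * 64 + body + b"\x90" * 64

if __name__ == "__main__":
    print(scan(make_sample()))
```

A match only shows that the constants are present; deciding whether the code is actually reached, and in what context, is the separate analysis described in feature (ii).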