Space/Time Analysis for Cybersecurity (STAC)
Abstract
The Space/Time Analysis for Cybersecurity (STAC) program will develop techniques to detect vulnerabilities to algorithmic complexity and side channel attacks in software. Historically, adversaries have exploited software implementation flaws through buffer and heap overflow attacks. Advances in operating systems have largely mitigated such attacks, so now cyber adversaries must find new ways of compromising software. Algorithmic complexity and side channel attacks are emerging as the next generation of attacks since they depend on intrinsic properties of the algorithms themselves rather than flaws in their implementations. Recent news reports have highlighted the first wave of these attacks (CRIME, BREACH, Hash DoS). The STAC program seeks to develop new analysis tools and techniques to detect vulnerabilities to these attacks in the software upon which the U.S. government, military, and economy depend. STAC extends work initiated under the Automated Program Analysis for Cybersecurity (APAC) program to address algorithmic complexity and side channel attacks.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2016
- Source ID
- 955d7317065c0f46c2731648535fbbd2