Security Assurance through Protocol Customization: Novel Program Analysis and Machine Learning based Automation

Abstract

We propose to develop several innovative techniques that take advantage of program analysis, combining static and dynamic analysis, as well as machine learning with deep learning based enhancements to realize the main objectives of protocol customization. We will tackle both the Protocol Subsetting and Protocol Dialect aspects of the problem. Protocol Dialect is to be treated as an optimization or enhancement beyond Protocol Subsetting, when removing the constraints of retaining compatible external interfaces. Since Dialect more significantly alters the protocol, we do not directly explore that option until clear benefits such as improved security properties, ease of correctness verification, and performance emerge. This helps ensure that the transformed protocol is as close to the original protocol as possible for ease of maintenance.

Various machine learning techniques are known to be effective in extracting patterns that are otherwise difficult to identify under uncertainties. They are also particularly helpful in utilizing empirical data to identify how to adapt or reconfigure parameters or algorithms in practical system implementations. The challenge of protocol customization has many dimensions. One such challenge is to accurately identify the part of the program or protocol logic that captures the relevant functionality to be white-listed, such that the remaining functionality can be disabled by default to eliminate potential security vulnerabilities. We propose to apply machine learning aggressively and broadly to address this particular challenge and other related challenges in this project, so that we can develop an intelligent protocol customization framework that accurately incorporates the administrator's requirements.

We build upon our vast prior work published in top security conferences [1, 2, 3, 4, 5] of applying program analysis for realizing various security assurances in implementations of network protocols (e.g., TCP), network applications (e.g., popular mobile apps), as well as the network stack of a mobile OS (e.g., Android). In all these previous projects, we have developed research prototypes that have been successfully evaluated on real systems and identified security vulnerabilities, for which we have proposed defense solutions. Given our extensive experience in mobile systems and network-based protocols, we propose to focus this project on two types of emerging application domains, namely Autonomous Vehicular (AV) and Internet of Things (IoT) based applications, in addition to a class of commonly used protocols, informed by the CVE database. Our ongoing work [6, 7] in both application domains ensures that we are well informed of the security challenges and application use requirements.

We propose to carry out our research and engineering efforts at two different levels or abstractions: (1) protocol-level analysis focusing on protocol descriptions or specifications, and (2) protocol implementation or program-level analysis focusing on implementations of critical and commonly used protocols. Combining the work at both levels allows us to leverage relevant tools with different types of limitations, so that we can provide the strongest security and correctness guarantees in the resulting transformed protocol implementations.

Document Details

Document Type
DoD Grant Award
Publication Date
Dec 20, 2017
Source ID
N000141812020

Entities

People

  • Zijing Mao

Organizations

  • Board of Regents of the University of Michigan
  • Office of Naval Research
  • United States Navy

Tags

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Cybersecurity
  • Distributed Systems and Data Platform Development

Technology Areas

  • 5G
  • 5G - Internet of Things
  • AI & ML