Cyber-attacks are estimated to cost the world economy more than $400 billion annually. From botnets to advanced persistent threats to targeted attacks, system vulnerabilities in combination with a successful exploit can grant an attacker unauthorized access to a computing system, entailing the possibility to exfiltrate sensitive data of valuable individuals, companies, and critical infrastructures.

Zero-day exploits can be used to leverage unknown vulnerabilities in order to gain access in a stealthy way to systems believed to be secure. And they are very valuable, being traded for considerable sums in the upper six-digit range, which reflects the months of work that it takes highly skilled professionals to develop a working exploit.

Our goal is to protect trusted systems by reducing the probability of compromise and increasing the cost of crafting exploits, while staying within performance targets and usability requirements.

—Anil Kurmus, IBM scientist

Proactive defense

To address the increasingly complex task of securing modern systems, we follow a three-pronged strategy:

Finding vulnerabilities in the code base

We use static and dynamic program analysis methods such as fuzz testing to discover vulnerabilities before attackers do.

Preventing vulnerabilities from being reachable

Bugs in the code that are not available to the attacker cannot turn into vulnerabilities. Using attack surface reduction, we limit the exposed APIs and code paths to the absolute minimum.

Preventing exploitation of reachable vulnerabilities

We harden programs to make them more robust so that attackers cannot make use of bugs to craft an exploit.

Ask the experts

Alessandro Sorniotti
IBM Research scientist

Andrea Mambretti
Security Researcher

Anil Kurmus
IBM Research scientist

Kevin Tavukciyan
Security Researcher


[1] A. Mambretti, M. Neugschwandtner, A., E. Kirda, W. Robertson, A. Kurmus
Speculator: A Tool to Analyze Speculative Execution Attacks and Mitigations
To appear in: Proceedings of the 35th Annual Computer Security Applications Conference (ACSAC’19).

[2] A. Bhattacharyya, A. Sandulescu, M. Neugschwandtner, A. Sorniotti, B. Falsafi, M. Payer, A. Kurmus
SMoTherSpectre: exploiting speculative execution through port contention
To appear in: Proceedings of the 26th ACM Conference on Computer and Communications Security (ACM CCS’19) 2019.

[3] A. Mambretti, A. Sandulescu, M. Neugschwandtner, A. Sorniotti, A. Kurmus
Two methods for exploiting speculative control flow hijacks
In: Proceedings of the 13th USENIX Workshop on Offensive Technologies (WOOT’19) 2019.

[4] M. Neugschwandtner, A. Sorniotti, A. Kurmus
Memory Categorization: Separating Attacker-Controlled Data
In: Proceedings of the 16th Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA’19) 2019.

[5] A. Kurmus, N. Ioannou, M. Neugschwandtner, N. Papandreou, T. Parnel
Is there a ‘rowhammer’ for MLC NAND flash SSDs? An analysis of filesystem attack vectors
In: Proceedings of the Workshop on Offensive Technologies (WOOT’17) 2017.

[6] N. Weichbrodt, A. Kurmus, P. Pietzuch, Rüdiger Kapitza
AsyncShock: Exploiting synchronisation bugs in Intel SGX enclaves
In: Proceedings of the European Symposium on Research in Computer Security (ESORICS’16) 2016.

[7] M. Neugschwandtner, A. Beitler, A. Kurmus
A transparent defense against USB eavesdropping attacks
In: Proceedings of the 9th European Workshop on System Security (EUROSEC’16) 2016.

[8] M. Neugschwandtner, C. Mulliner, W. Robertson, E. Kirda
Runtime Integrity Checking for Exploit Mitigation on Lightweight Embedded Devices
In: Proceedings of the International Conference on Trust and Trustworthy Computing (TRUST’16) 2016.

[9] C. Mulliner, M. Neugschwandtner
Breaking Payloads with Runtime Code Stripping and Image Freezing
In: Proceedings of 18th Black Hat USA, 2015.

[10] M. Neugschwandtner, P. Milani Comparetti, I. Haller, H. Bos
Nanoprobing Binaries for Buffer Overreads
In: Proceedings of the ACM Conference on Data and Application Security and Privacy (CODASPY’15) 2015.

[11] A. Kurmus, R. Zippel
A Tale of Two Kernels: Towards Ending Kernel Hardening Wars with Split Kernel
In: Proceedings of the ACM Conference on Computer and Communications Security (CCS’14) 2014.

[12] A. Kurmus, S. Dechand, R. Kapitza
Quantifiable Run-time Kernel Attack Surface Reduction
In: Proceedings of the 10th International Conference on Detection of Intrusions and Malware, Vulnerability Assessment (DIMVA’14) 2014.

[13] J. Zaddach, A. Kurmus, D. Balzarotti, E.-O. Blass, A. Francillon, T. Goodspeed, M. Gupta, I. Koltsidas
Implementation and Implications of a Stealth Hard-Drive Backdoor
In: Proceedings of Annual Computer Security Applications Conference (ACSAC’13) Best student paper award, 2013.

[14] A. Kurmus, R. Tartler, D. Dorneanu, B. Heinloth, V. Rothberg, A. Ruprecht, W. Schröder-Preikschat, D. Lohmann and R. Kapitza
Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring
In: Proceedings of the 20th Network and Distributed System Security Symposium (NDSS’13) 2013.

[15] A. Kurmus, A. Sorniotti, R. Kapitza
Attack Surface Reduction For Commodity OS Kernels
In: Proceedings of the 4th European Workshop on System Security (EUROSEC’11) 2011.