Overview

Cyber-attacks are estimated to cost the world economy more than $400 billion annually. From botnets to advanced persistent threats to targeted attacks, system vulnerabilities in combination with a successful exploit can grant an attacker unauthorized access to a computing system, entailing the possibility to exfiltrate sensitive data of valuable individuals, companies, and critical infrastructures.

Zero-day exploits can be used to leverage unknown vulnerabilities in order to gain access in a stealthy way to systems believed to be secure. And they are very valuable, being traded for considerable sums in the upper six-digit range, which reflects the months of work that it takes highly skilled professionals to develop a working exploit.

Our goal is to protect trusted systems by reducing the probability of compromise and increasing the cost of crafting exploits, while staying within performance targets and usability requirements.

—Anil Kurmus, IBM scientist

Proactive defense

To address the increasingly complex task of securing modern systems, we follow a three-pronged strategy:

Finding vulnerabilities in the code base

We use static and dynamic program analysis methods such as fuzz testing to discover vulnerabilities before attackers do.

Preventing vulnerabilities from being reachable

Bugs in the code that are not available to the attacker cannot turn into vulnerabilities. Using attack surface reduction, we limit the exposed APIs and code paths to the absolute minimum.

Preventing exploitation of reachable vulnerabilities

We harden programs to make them more robust so that attackers cannot make use of bugs to craft an exploit.

Ask the experts

Anil Kurmus

IBM Research scientist

Matthias Neugschwandtner

IBM Research scientist

Alessandro Sorniotti

IBM Research scientist

Publications

[1] A. Kurmus, N. Ioannou, M. Neugschwandtner, N. Papandreou, T. Parnell
Is there a ‘rowhammer’ for MLC NAND flash SSDs? An analysis of filesystem attack vectors
To appear in: Proceedings of the Workshop on Offensive Technologies (WOOT’17) 2017.

[2] N. Weichbrodt, A. Kurmus, P. Pietzuch, R. Kapitza
AsyncShock: Exploiting synchronisation bugs in Intel SGX enclaves
In: Proceedings of the European Symposium on Research in Computer Security (ESORICS’16) 2016.

[3] M. Neugschwandtner, A. Beitler, A. Kurmus
A transparent defense against USB eavesdropping attacks
In: Proceedings of the 9th European Workshop on System Security (EUROSEC’16) 2016.

[4] M. Neugschwandtner, C. Mulliner, W. Robertson, E. Kirda
Runtime Integrity Checking for Exploit Mitigation on Lightweight Embedded Devices
In: Proceedings of the International Conference on Trust and Trustworthy Computing (TRUST’16) 2016.

[5] C. Mulliner, M. Neugschwandtner
Breaking Payloads with Runtime Code Stripping and Image Freezing
BlackHat USA, 2015.

[6] M. Neugschwandtner, P. Milani Comparetti, I. Haller, H. Bos
Nanoprobing Binaries for Buffer Overreads
ACM Conference on Data and Application Security and Privacy (CODASPY’15) 2015.

[7] A. Kurmus, R. Zippel
A Tale of Two Kernels: Towards Ending Kernel Hardening Wars with Split Kernel
In: Proceedings of the 2014 ACM Conference on Computer and Communications Security (CCS’14) 2014.

[8] A. Kurmus, S. Dechand, R. Kapitza
Quantifiable Run-time Kernel Attack Surface Reduction
In: Proceedings of the 10th International Conference on Detection of Intrusions and Malware, Vulnerability Assessment (DIMVA’14) 2014.

[9] J. Zaddach, A. Kurmus, D. Balzarotti, E.-O. Blass, A. Francillon, T. Goodspeed, M. Gupta, I. Koltsidas
Implementation and Implications of a Stealth Hard-Drive Backdoor
In: Proceedings of Annual Computer Security Applications Conference (ACSAC’13) Best student paper award, 2013.

[10] A. Kurmus, R. Tartler, D. Dorneanu, B. Heinloth, V. Rothberg, A. Ruprecht, W. Schröder-Preikschat, D. Lohmann and R. Kapitza
Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring
In: Proceedings of the 20th Network and Distributed System Security Symposium (NDSS’13) 2013.

[11] A. Kurmus, A. Sorniotti, R. Kapitza
Attack Surface Reduction For Commodity OS Kernels
In: Proceedings of the Fourth European Workshop on System Security (EUROSEC’11) 2011.