Visible to the public TWC: TTP Option: Small: Differential Introspective Side Channels --- Discovery, Analysis, and DefenseConflict Detection Enabled

Project Details

Lead PI

Performance Period

Oct 01, 2015 - Sep 30, 2018


University of Michigan Ann Arbor

Award Number

Side channels in the security domain are known to be challenging to discover and eliminate systematically. Nevertheless, they can lead to a variety of stealthy attacks seriously compromising cybersecurity. This work focuses on an important class of side channels that are fundamental to the operations of networked systems. Rather than constantly reacting to newly discovered side channels because of security breaches with ad-hoc patches, this work enables the automated discovery of an important class of side channels that exist due to the inherent goal of exposing information to enable debugging and management of computing systems. This project is expected to bring a paradigm shift to the security area of side channel investigation that can bring significant economic benefits of preventing a diverse set of cyberattacks. This project also has important educational and workforce training benefits for both undergraduate and graduate students, in addition to the broader dissemination of the findings through applicable standards processes to ensure operational adoption.

This research investigates an entirely new class of side channel attacks against networked systems such as network stacks that can lead to significant damage to user privacy, network security, and application integrity. An example feature about this class of attacks is the requirement of actively injecting carefully crafted and potentially incorrect events to trigger error conditions in a program so as to reveal their internal sensitive states, which can indirectly expose critical information. Interestingly, the attacks are inherent byproducts of network and operating system design and implementation, which are fundamentally hard to modify. In contrast to other well-known side channels that can be directly observed through passive monitoring, e.g., power and timing, this class of side channels is much more subtle to discover and also more challenging to defend against. The proposed security work helps introduce a more rigorous approach to discovering a new class of side channels, that have direct impact on the security assurance of both small systems such as mobile devices as well as large network systems such as enterprise networks. This research develops methods to systematically and rigorously detect and eliminate such side channels by leveraging both program analysis and network measurement science. The investigation to understand the tradeoffs between security guarantee and manageability of network systems leads to more practical and usable security solutions that can be deployed in practice.