Software flaws are the culprit behind the vast majority of security vulnerabilities being reported today. Despite the efforts made by vendors to address these flaws, the number of vulnerabilities in popular software continues to increase from one year to the next. The emergence of a profitable marketplace for malware and botnets has transformed the threat of "zero-day attacks" from an academic interest into an urgent problem facing system administrators every day.
In this threat environment, today's solution of waiting for a vendor-provided patch (or software upgrade) is no longer adequate. Instead, end-users and system administrators need tools and techniques that can protect their systems from being compromised, even if they contain vulnerabilities. In this talk, I will present a promising new technique called "taint-enhanced policy enforcement" to address this problem. Our technique combines program transformation with simple security policies to defeat most common exploit classes, including buffer overflows, format string attacks, SQL injection, command injection, cross-site scripting, and directory traversal. It introduces low runtime overheads for many popular servers that are I/O-intensive, but the overhead can be significant for CPU-intensive applications. To overcome this drawback, I will describe a technique for automated generation of attack signatures. By filtering out inputs that match these signatures, even those servers that don't deploy policy-based defenses can be protected from future attacks, while incurring low performance overheads.
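The idea behind taint-enhanced policy enforcement can be shown in miniature. The following Python sketch is an added illustration, not code from the talk or from Sekar's group: untrusted input is wrapped so that every character carries a taint bit, taint propagates through concatenation, and just before a sensitive operation (SQL query, shell command, printf-style format) a small policy checks that tainted characters supply only data, never command structure. The tokenizer, the shell metacharacter set and the three policies are simplifications chosen here for the example.

```python
"""Taint-enhanced policy enforcement, in miniature (illustrative, not the talk's code)."""
import re
from dataclasses import dataclass, field


@dataclass
class Tainted:
    """A string plus a per-character taint mask (True = came from untrusted input)."""
    text: str
    taint: list = field(default_factory=list)

    @classmethod
    def untrusted(cls, s):
        return cls(s, [True] * len(s))

    @classmethod
    def trusted(cls, s):
        return cls(s, [False] * len(s))


def concat(*parts):
    """Join plain str pieces (trusted program literals) and Tainted pieces, propagating taint."""
    text, taint = "", []
    for p in parts:
        if isinstance(p, Tainted):
            text += p.text
            taint += p.taint
        else:
            text += p
            taint += [False] * len(p)
    return Tainted(text, taint)


# Tiny SQL tokenizer, just enough to tell literals from keywords and operators.
_SQL_TOKEN = re.compile(r"""
    (?P<string>'(?:[^']|'')*')          # single-quoted literal, '' escapes a quote
  | (?P<number>\d+(?:\.\d+)?)
  | (?P<word>[A-Za-z_][A-Za-z0-9_]*)    # keyword or identifier
  | (?P<ws>\s+)
  | (?P<other>.)                        # operator, punctuation, stray quote
""", re.VERBOSE | re.DOTALL)


def sql_policy_violations(q):
    """Return (offset, token) pairs where tainted characters shape the query.

    Policy (simplified): tainted characters may only sit inside a string literal
    (not as its quote delimiters) or form a whole numeric literal. A tainted
    keyword, operator, whitespace or quote means the input changed the structure.
    """
    bad = []
    for m in _SQL_TOKEN.finditer(q.text):
        start, end = m.span()
        kind = m.lastgroup
        if kind == "number":
            continue                                  # a tainted number is plain data
        if kind == "string":
            if q.taint[start] or q.taint[end - 1]:    # delimiters must be trusted
                bad.append((start, m.group()))
            continue
        if any(q.taint[start:end]):
            bad.append((start, m.group()))
    return bad


# Characters that change how a shell parses a command line (our own, deliberately strict set).
_SHELL_META = set(";|&$`<>()\\\"'\n\t ")


def shell_policy_violations(cmd):
    """Tainted characters may not be shell metacharacters or word separators."""
    return [(i, c) for i, (c, t) in enumerate(zip(cmd.text, cmd.taint))
            if t and c in _SHELL_META]


def format_policy_violations(fmt):
    """Format directives must come from the program: a tainted '%' is a violation."""
    return [(i, c) for i, (c, t) in enumerate(zip(fmt.text, fmt.taint))
            if t and c == "%"]


def demo():
    """Run each policy on a benign and a structure-changing input (constructed samples)."""
    name_ok, name_bad = Tainted.untrusted("alice"), Tainted.untrusted("' OR '1'='1")
    prefix = "SELECT * FROM users WHERE name = '"
    return {
        "sql_ok": sql_policy_violations(concat(prefix, name_ok, "'")),
        "sql_bad": sql_policy_violations(concat(prefix, name_bad, "'")),
        "shell_bad": shell_policy_violations(concat("ls -l ", Tainted.untrusted("docs; id"))),
        "fmt_bad": format_policy_violations(concat("User ", Tainted.untrusted("%x%n"))),
    }


if __name__ == "__main__":
    for label, violations in demo().items():
        print(label, "->", "allowed" if not violations else f"blocked {violations}")
```

The point of the design is that the policy is attached to the sink, not to the input: the program never has to know which inputs are dangerous, only which operations are sensitive, which is what lets one set of policies cover SQL injection, command injection and format string attacks alike. The shell policy here is intentionally strict (a legitimate filename containing a space would be rejected); a production system would also propagate taint through sanitizers and quoting routines so that properly escaped input passes.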
Our signature generation and filtering techniques together constitute an immune system for services, providing the ability to preserve server integrity as well as availability in the face of repeated attacks. By sharing signatures, large communities that run the same server software can quickly acquire immunity from their shared vulnerabilities. This approach transforms software monocultures, which are thought to be bad from a security perspective, into a strength.
R. Sekar (http://www.cs.stonybrook.edu/~sekar) is a Professor of Computer Science and the Director of the Secure Systems Laboratory (http://seclab.cs.stonybrook.edu/) and the Center for Cybersecurity (http://ccs.cs.stonybrook.edu/) at Stony Brook University. He has a Bachelor's degree in Electrical Engineering from IIT, Madras (India) and a Ph.D. in Computer Science from Stony Brook. He then served as a Research Scientist in Networking Research at Bellcore. After five years, he moved to Iowa State University, and then subsequently to Stony Brook. Sekar's research interests are focused on computer security, with specialization in attack detection, prevention, containment, response, and recovery; mobile and untrusted code security; malware; security policies and enforcement; anomaly detection; vulnerability analysis; and testbeds for network security experiments. His research has been supported by AFOSR, DARPA, NSF, ONR, the State of New York, and industry sponsors.