RUN-TIME ANALYSIS AND SECURITY OF MULTI-LANGUAGE SYSTEMS

The contemporary software development landscape has witnessed a widespread integration of diverse programming languages, leveraging the specific advantages of each, such as the efficiency of C and the programmability of Python. This trend finds notable applications in prominent domains, including the Android operating system and advanced machine learning frameworks like PyTorch. However, adopting this multi-language approach has ushered in aseries of great challenges for developers, necessitating the identification of robust solutions to tackle potential security vulnerabilities.Traditional techniques such as program analysis and fuzzing, initially designed for single-language software, face limitations in effectively uncovering vulnerabilities in multi-language systems. Program analysis grapples with challenges in comprehending the intricate control and data flows across diverse languages, often resulting in incomplete vulnerability detection. Conversely, greybox fuzzing encounters difficulties adapting to the nuances of various languages, leading to incomplete code coverage and complications in reproducing identified vulnerabilities. The intricacies within runtime systems supporting multilingual software exacerbate the security clearance predicament, as these systems are often constructed using multiple languages. This complexity adds an additional layer of difficulty for conventional security techniques, emphasizing the need for more adaptive and comprehensive approachestailored to the unique challenges posed by the multifaceted nature of multi-language systems.Within the scope of my dissertation, I endeavored to tackle the intricate challenges posed by vulnerabilities in multi-language software through a comprehensive and multifaceted approach. This approach entailed conducting extensive empirical investigations into vulnerability susceptibility, facilitating the development of dynamic cross-language information flow analysis. Recognizing the pivotal significance of comprehensive test input coverage, I devisedan integrated greybox fuzzing methodology. This innovative approach integrates sensitivity analysis and comprehensive whole-system coverage measurements, significantly enhancing the efficiency of the fuzzing process and vulnerability identification. Furthermore, I focused on fortifying runtime security by proposing a novel two-level collaborative fuzzing framework tailored explicitly for Python language runtime. This contribution was pivotal in reinforcing the software system’s foundational safeguards, ensuring a robust defense mechanism against potential security threats

Practical Fine-grained Privilege Separation in Multithreaded Applications

An inherent security limitation with the classic multithreaded programming model is that all the threads share the same address space and, therefore, are implicitly assumed to be mutually trusted. This assumption, however, does not take into consideration of many modern multithreaded applications that involve multiple principals which do not fully trust each other. It remains challenging to retrofit the classic multithreaded programming model so that the security and privilege separation in multi-principal applications can be resolved. This paper proposes ARBITER, a run-time system and a set of security primitives, aimed at fine-grained and data-centric privilege separation in multithreaded applications. While enforcing effective isolation among principals, ARBITER still allows flexible sharing and communication between threads so that the multithreaded programming paradigm can be preserved. To realize controlled sharing in a fine-grained manner, we created a novel abstraction named ARBITER Secure Memory Segment (ASMS) and corresponding OS support. Programmers express security policies by labeling data and principals via ARBITER's API following a unified model. We ported a widely-used, in-memory database application (memcached) to ARBITER system, changing only around 100 LOC. Experiments indicate that only an average runtime overhead of 5.6% is induced to this security enhanced version of application

Impact of climate change using CRAFT: a case study for West Africa

The CGIAR research program on Climate Change, Agriculture and Food Security Program’s (CCAFS) Regional Agricultural Forecasting Toolbox (CRAFT) is a framework for multi-scale spatial gridded simulations using an ensemble of crop models. The toolbox facilitates studies on the potential impact of climate change on crop production for a region in addition to other capabilities such as the regional in-season yield forecasting and risk assessment. CRAFT can be used to generate and conduct multiple simulation scenarios, maps, and interactive visualizations using a crop engine that can run the crop simulation models DSSAT, APSIM, and SARRA-H, in concert with the Climate Predictability Tool (CPT) for probabilistic seasonal climate forecasts

Multi-protocol Attack: A Survey of Current Research

Traditionally, verification methods for security protocols typically assume that the protocols are used in isolation of other protocols (i.e., there is only a single protocol using a network at a given time). However, in practice it is unrealistic to assume that a security protocol runs in isolation in an insecure network. A multi-protocol attack is an attack in which more than one protocol is involved. The verification methods for security protocols that assume a single protocol on a network will fail to verify a protocol�s resistance/vulnerability to multi-protocol attacks. Further, multiple security protocols that are verified to be correct in isolation can be susceptible to multiprotocol attacks when used over the same network. However, the verification of security properties for multiple protocols existing on the same network is difficult since security properties are not compositional. This paper surveys some of the recent approaches and contributions into the verification of security properties in the context of multiple protocols being run in an insecure network and the efforts to prevent multi-protocol attacks

Conclave: secure multi-party computation on big data (extended TR)

Secure Multi-Party Computation (MPC) allows mutually distrusting parties to run joint computations without revealing private data. Current MPC algorithms scale poorly with data size, which makes MPC on "big data" prohibitively slow and inhibits its practical use. Many relational analytics queries can maintain MPC's end-to-end security guarantee without using cryptographic MPC techniques for all operations. Conclave is a query compiler that accelerates such queries by transforming them into a combination of data-parallel, local cleartext processing and small MPC steps. When parties trust others with specific subsets of the data, Conclave applies new hybrid MPC-cleartext protocols to run additional steps outside of MPC and improve scalability further. Our Conclave prototype generates code for cleartext processing in Python and Spark, and for secure MPC using the Sharemind and Obliv-C frameworks. Conclave scales to data sets between three and six orders of magnitude larger than state-of-the-art MPC frameworks support on their own. Thanks to its hybrid protocols, Conclave also substantially outperforms SMCQL, the most similar existing system.Comment: Extended technical report for EuroSys 2019 pape

Design and implementation of the node identity internetworking architecture

The Internet Protocol (IP) has been proven very flexible, being able to accommodate all kinds of link technologies and supporting a broad range of applications. The basic principles of the original Internet architecture include end-to-end addressing, global routeability and a single namespace of IP addresses that unintentionally serves both as locators and host identifiers. The commercial success and widespread use of the Internet have lead to new requirements, which include internetworking over business boundaries, mobility and multi-homing in an untrusted environment. Our approach to satisfy these new requirements is to introduce a new internetworking layer, the node identity layer. Such a layer runs on top of the different versions of IP, but could also run directly on top of other kinds of network technologies, such as MPLS and 2G/3G PDP contexts. This approach enables connectivity across different communication technologies, supports mobility, multi-homing, and security from ground up. This paper describes the Node Identity Architecture in detail and discusses the experiences from implementing and running a prototype

Resolution of Linear Algebra for the Discrete Logarithm Problem Using GPU and Multi-core Architectures

In cryptanalysis, solving the discrete logarithm problem (DLP) is key to assessing the security of many public-key cryptosystems. The index-calculus methods, that attack the DLP in multiplicative subgroups of finite fields, require solving large sparse systems of linear equations modulo large primes. This article deals with how we can run this computation on GPU- and multi-core-based clusters, featuring InfiniBand networking. More specifically, we present the sparse linear algebra algorithms that are proposed in the literature, in particular the block Wiedemann algorithm. We discuss the parallelization of the central matrix--vector product operation from both algorithmic and practical points of view, and illustrate how our approach has contributed to the recent record-sized DLP computation in GF($2^{809}$).Comment: Euro-Par 2014 Parallel Processing, Aug 2014, Porto, Portugal. \<http://europar2014.dcc.fc.up.pt/\&gt

Enhancing Secrecy via Exploring Randomness in the Wireless Physical Layer

In order to establish a secure connections in the wireless environment, cryptographic methods may require an exchange of a key or secret. Fortunately, the environment provides randomness due to multi-path fading that can be exploited by physical-layer security algorithms to help establish this shared secret. However, in some cases, multi-path fading might be absent or negligible; therefore, we look for artificial ways to increase randomness. In this thesis, we explore antenna radiation variation by altering the phase between two antennas as a means of creating artificial fading. We construct a model of the antenna gain variation by analyzing the radiation pattern and run Monte-Carlo simulations to compare our approach to a base case with only multi-path fading. We then empirically collect data in order to confirm our analysis. Finally, we incorporate this model in a prominent security algorithm to demonstrate the improvements in security possible through such an approach

Multi-layer virtual transport network design

Service overlay networks and network virtualization enable multiple overlay/virtual networks to run over a common physical network infrastructure. They are widely used to overcome deficiencies of the Internet (e.g., resiliency, security and QoS guarantees). However, most overlay/virtual networks are used for routing/tunneling purposes, and not for providing scoped transport flows (involving all mechanisms such as error and flow control, resource allocation, etc.), which can allow better network resource allocation and utilization. Most importantly, the design of overlay/virtual networks is mostly single-layered, and lacks dynamic scope management, which is important for application and network management. In response to these limitations, we propose a multi-layer approach to Virtual Transport Network (VTN) design. This design is a key part of VTN-based network management, where network management is done via managing various VTNs over different scopes (i.e., ranges of operation). Our simulation and experimental results show that our multi-layer approach to VTN design can achieve better performance compared to the traditional single-layer design used for overlay/virtual networks.This work has been partly supported by National Science Foundation awards: CNS-0963974 and CNS-1346688