Information Leakage Detection in Distributed Systems using Software Agents
Covert channel attacks utilize shared resources to indirectly transmit sensitive information to unauthorized parties. Current security mechanisms such as SELinux rely on tagging the filesystem with access control properties. However, such mechanisms do not provide strong protection against information laundering via covert channels. Colored Linux [20], an extension to SELinux, utilizes watermarking algorithms to “color” the contents of each file with their respective security classification to enhance resistance to information laundering attacks. In this paper, we propose a mobile agent-based approach to automate the process of detecting and coloring receptive hosts’ filesystems and of monitoring the colored filesystems for instances of potential information leakage. Implementation details and execution results are included to illustrate the merits of the proposed approach.
Control-Flow Integrity for Real-Time Embedded Systems
Attacks on real-time embedded systems can endanger lives and critical infrastructure. Despite this, techniques for securing embedded systems software have not been widely studied. Many existing security techniques for general-purpose computers rely on assumptions that do not hold in the embedded case. This paper focuses on one such technique, control-flow integrity (CFI), which has been vetted as an effective countermeasure against control-flow hijacking attacks on general-purpose computing systems. Without the process isolation and fine-grained memory protections provided by a general-purpose computer with a rich operating system, CFI cannot provide any security guarantees. This work proposes RECFISH, a system for providing CFI guarantees on ARM Cortex-R devices running minimal real-time operating systems. We provide techniques for protecting runtime structures, isolating processes, and instrumenting compiled ARM binaries with CFI protection. We empirically evaluate RECFISH and its performance implications for real-time systems. Our results suggest RECFISH can be directly applied to binaries without compromising real-time performance; in a test of over six million realistic task systems running FreeRTOS, 85% were still schedulable after adding RECFISH.
Trusted and high assurance systems
High assurance MILS (multiple independent levels of security) and MLS (multilevel security) systems require strict limitation of the interactions between different security compartments based on a security policy. Virtualization can be used to provide a high degree of separation in such systems. This work provides a study of commercial-off-the-shelf (COTS) products to support high assurance MLS systems and designs a candidate architecture based on virtualization and trusted execution to provide strong compartmentalization. We then identify three major security problems in the candidate architecture: the lack of trust in the network, the problem of patch management, and untrusted graphics. We study and solve each of these security gaps in detail. More specifically, we design and evaluate a trusted network architecture for high assurance applications, evaluate an optimal pre-deployment testing time for effective patch management, and finally design, implement, and formally evaluate a trusted graphics subsystem.