|
The objective of this project is to improve the security of a wide range of network protocols that the Internet relies on. Unfortunately, the Internet has been evolving at a rapid rate but its initial design did not take security into consideration. In practice, this leads to a never-ending stream of network attacks that are continuously being discovered. The defenders are forced into a reactive position to these new and creative attacks, without having the necessary tools to understand and anticipate them. The proposed project aims to identify and analyze protocol flaws proactively and stay ahead of attackers. In particular, the project will develop a set of innovative and timely techniques, tools, and insights that will empower developers and researchers to analyze network protocols, identify their weaknesses, and correct them early on. The results will benefit all Internet users by providing a more secure network environment overall.
Specifically, the research is motivated by the following observations. First, emerging threats such as side channels have been largely overlooked in network protocols. Second, network attacks are getting more sophisticated, with new threat models such as cooperating local and remote attackers. Third, the network protocols and their interactions with the environment are getting more complex, especially when considering the prevalence of network middleboxes, host-based firewalls, and censorship firewalls, etc. The research will develop a combination of program analysis and network measurement techniques to systematically uncover vulnerabilities in a variety of network protocols. The insights gained from the project will enable better and more secure design and implementation of protocols.
|
CAREER: Empowering Attacker-Centric Security Analysis of Network Protocols