Systems

Attacks on computer networks are an all too familiar event, leaving operators with little choice but to deploy a myriad of monitoring devices to ensure dependable and stable service on the networks they operate. However, as networks grow bigger and faster, staying ahead of the constant deluge of attack traffic is becoming increasingly difficult. A case in point is the attacks on enterprise name servers that interact with the Domain Name System (DNS). These name servers are critical infrastructure, busily translating human readable domain names to IP addresses.

In cache-based side-channel attacks, an attacker with no special privileges or physical access can extract secrets from a victim process by observing its memory accesses through a shared cache. Such attacks have been demonstrated on a number of platforms, and represent a dangerous and open threat. This project explores side-channel attacks on the shared lower-level-caches (LLCs) in modern CPUs.

Software systems are under constant attack: extracting sensitive data from running computer systems is a prime and highly lucrative target for attackers. Yet, current defense mechanisms fail to protect confidential or private data along with the integrity and availability of the underlying system. While it is important to find and fix vulnerabilities, it is unlikely that all vulnerabilities will ever be discovered. Therefore, there is an argument to be had for stronger defense mechanisms that protect software systems even in the presence of vulnerabilities.

The problem of cyber-security encompasses computer systems of all sizes and affects almost all aspects of our day-to-day lives. This makes it fundamentally important to detect accurately and respond quickly to cyber-threats as they develop. This project aims to develop techniques and tools that can accelerate the process of understanding and responding to new cyber-threats as they develop. The authors of malicious software (malware) usually try to make the malware stealthy in order to avoid detection.

Field-programmable gate arrays (FPGAs) are hardware circuits that can be reconfigured by a system user after being deployed. FPGAs are a compelling alternative architecture that may allow hardware performance to continue to improve at a dramatic rate. Unfortunately, systems that incorporate an FPGA may allow a potentially untrusted user to reprogram hardware after it has been deployed. Such a scenario enables novel security attacks that can leak a user's private information or corrupt critical information stored on a system, but are performed entirely in hardware.