Secure Systems Lab

Program analysis and transformations for Security

The vast majority of security problems in the real world can be traced back to software vulnerabilities. In spite of increased efforts by software vendors to address them, there has been an enormous increase in software vulnerability reports over the past decade. Automated techniques are therefore needed to stem this rising tide. Two basic approaches have been explored in this context:

  • static analysis techniques that analyze program source code and warn programmers about likely security vulnerabilities, and
  • runtime monitoring techniques that detect (and often, prevent) attempts to exploit these vulnerabilities.

We are interested in both techniques, and have been influential in the second area. Many of our techniques have taken the form of source-to-source transformations on programs. The transformed programs contain additional runtime instrumentation, dynamic analysis and/or policy checking code that can prevent certain classes of attacks from succeeding. For instance, we have developed several techniques [19, 15] that use randomization to provide probabilistic defense against memory corruption attacks. We have also developed techniques that can detect all memory errors in C programs [20]. Memory error defenses continue to be an important area of research within the lab.

More recently, we showed that fine-grained dynamic taint analysis (also called information flow tracking) can be used together with security policies to detect a wide range of attacks that exploit software vulnerabilities [18]. Taint analysis has become very popular in security, and our ongoing work is exploring several interesting new applications of this technique, including the development of novel intrusion detection techniques [14], and malware defense [16].
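
As an added illustration of the idea in the paragraph above (not code from the lab or from [18]), the following C sketch tracks taint at byte granularity and enforces a policy at a SQL sink. The names `tstr`, `tstr_append`, `policy_sql_ok` and `check_login_query`, the sample query and the simplified policy are all assumptions of this example, and the instrumentation is written by hand here rather than inserted by a program transformation.

```c
#include <stdio.h>
#include <string.h>
#define MAXLEN 256

/* Hypothetical type for this example: a string plus a shadow array.
 * taint[i] != 0 means data[i] was copied from untrusted input. */
typedef struct { char data[MAXLEN]; unsigned char taint[MAXLEN]; size_t len; } tstr;

/* Append src to dst and propagate the taint label byte by byte. */
static int tstr_append(tstr *dst, const char *src, unsigned char tainted) {
    size_t n = strlen(src);
    if (dst->len + n >= MAXLEN) return -1;   /* would not fit: refuse */
    memcpy(dst->data + dst->len, src, n);
    memset(dst->taint + dst->len, tainted, n);
    dst->len += n;
    dst->data[dst->len] = '\0';
    return 0;
}

/* Simplified sink policy (no escape handling): tainted bytes may only be
 * the contents of a quoted literal or digits; quotes must be untainted. */
static int policy_sql_ok(const tstr *q) {
    int in_lit = 0;
    for (size_t i = 0; i < q->len; i++) {
        char c = q->data[i];
        if (c == '\'') {
            if (q->taint[i]) return 0;       /* input moved a literal boundary */
            in_lit = !in_lit;
        } else if (q->taint[i] && !in_lit && (c < '0' || c > '9')) {
            return 0;                        /* input reached a code position */
        }
    }
    return !in_lit;                          /* literal must be closed */
}

/* Returns 1 if the query built from user_input (constructed sample
 * query) passes the policy, 0 if it is rejected. */
static int check_login_query(const char *user_input) {
    tstr q = { .len = 0 };
    if (tstr_append(&q, "SELECT * FROM users WHERE name='", 0) ||
        tstr_append(&q, user_input, 1) || tstr_append(&q, "'", 0))
        return 0;
    return policy_sql_ok(&q);
}

int main(void) {
    printf("%d %d\n", check_login_query("alice"), check_login_query("x' OR '1'='1"));
    return 0;
}
```

Because the decision is made on the taint labels of individual bytes at the sink, the same benign characters are accepted when they stay inside the literal and rejected when they would change the structure of the query.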

Related Publications

[1]  Code-Pointer Integrity
Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, R. Sekar and Dawn Song
The Continuing Arms Race: Code-Reuse Attacks and Defenses (Morgan-Claypool and ACM Press) January, 2018.
[2]  Memory corruption mitigation via hardening and testing
Laszlo Szekeres
PhD Dissertation (Stony Brook University) May, 2017.
[3]  Extracting Instruction Semantics Via Symbolic Execution of Code Generators
Niranjan Hasabnis and R. Sekar
ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE) November, 2016.
[4]  Securing Web Applications
Riccardo Pelizzi
PhD Dissertation (Stony Brook University) May, 2016.
[5]  JaTE: Transparent and Efficient JavaScript Confinement
Tung Tran, Riccardo Pelizzi and R. Sekar
Annual Computer Security Applications Conference (ACSAC) December, 2015.
[6]  Automatic Generation of Assembly to IR Translators Using Compilers
Niranjan Hasabnis and R. Sekar
Workshop on Architectural and Microarchitectural Support for Binary Translation (AMAS-BT) February, 2015.
[7]  Checking Correctness of Code Generator Architecture Specifications
Niranjan Hasabnis, Rui Qiao and R. Sekar
ACM/IEEE International Symposium on Code Generation and Optimization (CGO) February, 2015.
[8]  Code-Pointer Integrity
Volodymyr Kuznetsov, Laszlo Szekeres, Mathias Payer, George Candea, R. Sekar and Dawn Song
USENIX Operating System Design and Implementation (OSDI) October, 2014.
[9]  Eternal War in Memory
Laszlo Szekeres, Mathias Payer, Tao Wei and R. Sekar
IEEE Security and Privacy Magazine (S&P Magazine) May, 2014.
[10]  SoK: Eternal War in Memory
Laszlo Szekeres, Mathias Payer, Tao Wei and Dawn Song
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2013.
[11]  Light-weight Bounds Checking
Niranjan Hasabnis, Ashish Misra and R. Sekar
ACM/IEEE International Symposium on Code Generation and Optimization (CGO) April, 2012.
[12]  Taint-Enhanced Anomaly Detection
Lorenzo Cavallaro and R. Sekar
International Conference on Information Systems Security (ICISS) December, 2011.
[13]  PAriCheck: An Efficient Pointer Arithmetic Checker for C Programs
Yves Younan, Pieter Philippaerts, Lorenzo Cavallaro, R. Sekar, Frank Piessens and Wouter Joosen
ACM Symposium on Information, Computer and Communications Security (ASIACCS) March, 2010.
[14]  Anomalous Taint Detection (Extended Abstract)
Lorenzo Cavallaro and R. Sekar
Recent Advances in Intrusion Detection (RAID) September, 2008. (Full version available as Technical Report SECLAB08-06).
[15]  Data Space Randomization
Sandeep Bhatkar and R. Sekar
Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA) July, 2008.
[16]  On the Limits of Information Flow Techniques for Malware Analysis and Containment
Lorenzo Cavallaro, Prateek Saxena and R. Sekar
Detection of Intrusions, Malware and Vulnerability Analysis (DIMVA) July, 2008. (Supersedes SECLAB07-03, November 2007).
[17]  Provably Correct Runtime Enforcement of Non-Interference Properties
V.N. Venkatakrishnan, Wei Xu, Daniel DuVarney and R. Sekar
International Conference on Information and Communications Security (ICICS) December, 2006. (Supersedes Technical Report SECLAB-04-01, Stony Brook University, March, 2004).
[18]  Taint-Enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks
Wei Xu, Sandeep Bhatkar and R. Sekar
USENIX Security Symposium (USENIX Security) August, 2006. (An earlier version appeared as Technical Report SECLAB-05-06, November 2005. Also supersedes Technical Report SECLAB-05-05 A Unified Approach for Preventing Attacks Exploiting a Range of Software Vulnerabilities, August 2005, and Technical Report SECLAB-05-04 Practical dynamic taint analysis for countering input validation attacks on web applications, May 2005).
[19]  Efficient Techniques for Comprehensive Protection from Memory Error Exploits
Sandeep Bhatkar, R. Sekar and Daniel DuVarney
USENIX Security Symposium (USENIX Security) August, 2005.
[20]  An Efficient and Backwards-Compatible Transformation to Ensure Memory Safety of C Programs
Wei Xu, Daniel DuVarney and R. Sekar
ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE) November, 2004.

Copyright © 1999-2013 Secure Systems Laboratory, Stony Brook University. All rights reserved.