REDBOOK: Robust hardwarE-based Defences against Buffer Overflows and Other cybersecurity attacKs
From Navigators
(Difference between revisions)
(Created page with "{{Project |Acronym=REDBOOK |Title=Robust hardwarE-based Defences against Buffer Overflows and Other cybersecurity attacKs |Past Project=no |ResearchLine=Timeliness and Adaptation...") |
|||
| Line 3: | Line 3: | ||
|Title=Robust hardwarE-based Defences against Buffer Overflows and Other cybersecurity attacKs | |Title=Robust hardwarE-based Defences against Buffer Overflows and Other cybersecurity attacKs | ||
|Past Project=no | |Past Project=no | ||
| - | |ResearchLine= | + | |ResearchLine=Fault and Intrusion Tolerance in Open Distributed Systems (FIT) |
|Sponsor=FCT | |Sponsor=FCT | ||
|Project Number=PTDC/EEI-HAC/31273/2017 | |Project Number=PTDC/EEI-HAC/31273/2017 | ||
| Line 12: | Line 12: | ||
|year=2019 | |year=2019 | ||
|Duration months=36 | |Duration months=36 | ||
| + | |Keywords=runtime verification, non-intrusive system monitoring, cyber-physical systems, cybersecurity | ||
|Summary=For decades, numerous vulnerabilities have put computer systems and applications at risk. Several cybersecurity issues have been recurrent, being Buffer Overflows (BOs) vulnerabilities a primary attack method, which nowadays still accounts for more than 25% of the reported attacks. Such a high number clearly shows that classical software-based and compiler-assisted techniques for preventing exploitation of buffer overflow vulnerabilities did not succeed. Existing hardware-based methods (e.g., StackGhost) | |Summary=For decades, numerous vulnerabilities have put computer systems and applications at risk. Several cybersecurity issues have been recurrent, being Buffer Overflows (BOs) vulnerabilities a primary attack method, which nowadays still accounts for more than 25% of the reported attacks. Such a high number clearly shows that classical software-based and compiler-assisted techniques for preventing exploitation of buffer overflow vulnerabilities did not succeed. Existing hardware-based methods (e.g., StackGhost) | ||
are too restricted and therefore they are not widely used. This project aims the design of an innovative hardware-based system monitoring architecture, introducing novel non-intrusive observation and runtime verification mechanisms for robust defence against | are too restricted and therefore they are not widely used. This project aims the design of an innovative hardware-based system monitoring architecture, introducing novel non-intrusive observation and runtime verification mechanisms for robust defence against | ||
cybersecurity hazards emerging either from accidental faults or from malicious attacks. Technical feasibility will be demonstrated for SPARC (aerospace applications) and ARM (telecommunications, including mobile) platforms. | cybersecurity hazards emerging either from accidental faults or from malicious attacks. Technical feasibility will be demonstrated for SPARC (aerospace applications) and ARM (telecommunications, including mobile) platforms. | ||
| - | |Researchers=Pedro M. Ferreira, António Casimiro, Ibéria Medeiros, | + | |Team Size=5 |
| + | |Researchers=Pedro M. Ferreira, António Casimiro, Ibéria Medeiros, | ||
}} | }} | ||
Revision as of 15:55, 22 September 2020
- Research Line(s): Fault and Intrusion Tolerance in Open Distributed Systems (FIT)
- Sponsor: FCT
- Project Number: PTDC/EEI-HAC/31273/2017
- Total award amount: 215.9K Euros
- Coordinator: Pedro Ferreira
- Partners: FCUL
- Start Date: Oct. 2019
- Duration: 36 months
- Keywords: runtime verification, non-intrusive system monitoring, cyber-physical systems, cybersecurity
- Team at FCUL: 5 researchers, including Pedro M. Ferreira, António Casimiro, Ibéria Medeiros
For decades, numerous vulnerabilities have put computer systems and applications at risk. Several cybersecurity issues have been recurrent, being Buffer Overflows (BOs) vulnerabilities a primary attack method, which nowadays still accounts for more than 25% of the reported attacks. Such a high number clearly shows that classical software-based and compiler-assisted techniques for preventing exploitation of buffer overflow vulnerabilities did not succeed. Existing hardware-based methods (e.g., StackGhost) are too restricted and therefore they are not widely used. This project aims the design of an innovative hardware-based system monitoring architecture, introducing novel non-intrusive observation and runtime verification mechanisms for robust defence against cybersecurity hazards emerging either from accidental faults or from malicious attacks. Technical feasibility will be demonstrated for SPARC (aerospace applications) and ARM (telecommunications, including mobile) platforms.
BibTeX
Navigators - REDBOOK project| Current projects: | VEDLIoT, SATO, ADMORPH, SEAL, AQUAMON, UPVN, REDBOOK, ThreatAdapt, SEL, Xivt |
|---|---|
| Past projects: | TCLOUDS, MASSIF, MAFTIA, RESIST NoE, DiSIEM, KARYON, HIDENETS, CORTEX, CRUTIAL, TRONE, SITAN, ReD, IRCoC, DIVERSE, CloudFIT, READAPT, REGENESYS, RC-Clouds, TACID, DARIO, RITAS, AJECT, MICRA, DEAR-COTS, COPE, DEFEATS, MOOSCO, TOPCOM, RE:DY, NORTH, Abyss, SUPERCLOUD, COST Action IC1402, SEGRID, BioBankCloud, SAPIENT, PROPHECY, SecFuNet, FTH-Grid, AIR-II, AIR, ESFORS, CaberNet, GODC, BROADCAST, CoDiCom, Delta-4, RAPTOR |
