- Andrea Mambretti
- Pasquale Convertini
- et al.
- SANER 2021
Our goal is to protect trusted systems by reducing the probability of compromise and increasing the cost of crafting exploits, while staying within performance budgets and usability requirements.
Cyber-attacks are estimated to cost the world economy more than $400 billion annually. From botnets to advanced persistent threats to targeted attacks, system vulnerabilities in combination with a successful exploit can grant an attacker unauthorized access to a computing system, entailing the possibility to exfiltrate sensitive data of valuable individuals or companies, incapacitate critical infrastructures, or compromise code repositories to spread to new targets.
Zero-day exploits can be used to leverage unknown vulnerabilities in order to gain access, in a stealthy way, to systems believed to be secure. And they are very valuable, being traded for considerable sums in the upper six-digit range, which reflects the months of work that it takes highly skilled professionals to develop a working exploit.
We focus on systems security research, looking both at novel attacks and defenses to prevent systems from bein exploited. We use methods such as program analysis and fuzzing, and develop tools to aid ourselves and the systems security community in our research. We are particularly interested in the security of operating systems, programming languages, and the software/hardware interface.
To address the increasingly complex task of securing modern systems, we follow a three-pronged strategy:
Finding vulnerabilities and exploiting them
We find novel classes of attacks, and deepen our collective knowledge of existing attacks and exploitation, to guide prevention efforts.
Preventing vulnerabilities and their exploitation
We either remove bugs, or prevent them from being reachable, or harden systems such that attackers cannot make craft an exploit.
Methods and Tools
To support the previous two categories, we develop new methods and tools that help in finding and preventing vulnerabilities, as well as measurement and evaluation of the security posture of a system.
Transient Execution Attacks
At the boundary between software and hardware, transient execution attacks on modern CPUs open a new attack surface on today’s complex systems. We find novel attacks, deepen our knowledge of exploitation of these attacks, and develop tooling to support prevention efforts.
Linux Attack Surface Reduction
We develop techniques to reduce the attack surface of today’s complex OSes, ubiquitous in the cloud and mobile platforms.
Publications and Research Areas
Collaborations are fundamental to successful research projects. The researchers working on Systems security at IBM come from academic backgrounds, and foster collaborations with academia and industry.
- GhostBuster: Understanding and overcoming the pitfalls of transient execution vulnerability checkers