New $1.15 million computer security grant for Profs. Solworth and Bernstein

March 15, 2010

Congratulations to Jon Solworth and Dan J. Bernstein of the UIC Computer Science Department! They have just been awarded a 3-year, $1.15 million dollar NSF grant entitled "The impact of operating systems on application robustness," which is ultimately about how to build secure operating systems. (For those not familiar with the term "operating systems", the two most well-known groups of operating systems are Microsoft Windows and Mac OS X.).

Abstract:

It is widely estimated that one in four computers is part of a botnet, and therefore under the control of an attacker. These computers are used to loot bank accounts, send spam, and perform DDoS (Distributed Denial of Service) attacks. The attacker almost always gains control of these computers by remotely attacking applications or the operating system on which these applications depend. The robustness---the ability to withstand attack---of the operating system has long been known as essential to produce secure systems. But even the most robust operating system cannot prevent applications from being exploited, and therefore has a limited effect on application robustness.

This project investigates the effect of the operating system on application robustness, and in particular the effect that the operating-system interface (the architecture and details of its system calls) has on the ability to write more robust applications. In particular, this project seeks to eliminate pitfalls in system calls; these pitfalls lead to security holes and make application development much more difficult. Eliminating pitfalls (and thus the resulting security holes) makes it more difficult to successfully attack applications. To evaluate the extent to which pitfalls can be eliminated, this project is building a operating system called Ethos. The Ethos interface will be analyzed and evaluated on its own and versus those in traditional operating systems.