Singapore Academic Cybersecurity R&D
Harnessing R&D to Secure our Nation
Trustworthy Systems from UN-trusted component AMalgamations
- Lead PI : Abhik Roychoudhury, Professor, NUS (abhik@comp.nus.edu.sg)
- Host Institution : School of Computing, NUS
I. Goal
To develop trustworthy systems built from untrusted components such
as COTS (commercial off-the-shelf) components.
II. Technologies
Directed and Efficient Greybox Fuzzing [CCS 2017 & TSE 2018]
AFLFast
- 10x faster than the state-of-the-art
- Received 2000 USD @ Google Security bug bounties
- Outperforms KLEE on vulnerability detection
- Integrated into main-line AFL
AFLGo
- 1st directed greybox fuzzer
- 10x faster than the state of the art.
- Received 2000 USD @Google bug bounty
- Found 17 CVEs @ US National Vulnerability Database
- Found 39 bugs @ security-critical internet libraries (libxml)
- Outperforms state-of-the-art in patch testing (KATCH) and crash reproduction (BugRedux)
- Integrated into Google’s OSSFuzzL
Panoply – Low-TCB Linux Applications with SGX Enclaves [NDSS 2017]
- Supports POSIX APIs with 2x smaller TCB
- Microns: Library-enclaves created by Panoply
Stateful Security Protocol Verification [ICFEM 2017]
- A novel automatic verification approach for stateful security protocols with unbounded evolving of global states
SemGraft – Semantic Program Repair [ICSE 2018]
- Uses a correct reference implementation to guide automated program repair for providing correctness guarantees of generated patches
- This technique can correctly repair bugs in GNU Coreutils using BusyBox as a reference and vice versa
EffectiveSan: Dynamically Typed C/C++ [PLDI 2018]
- A comprehensive dynamic type checker for C/C++ programs
- Stores meta data (META) at the base of all objects
- Given p into object q, use low-fat pointer base(p) to find (META)