In the Tigress project we are studying diversity-based defenses against Remote Man-At-The-End (R-MATE) attacks. These attacks occur in distributed systems where untrusted clients are in frequent communication with trusted servers over a network, and malicious users can get an advantage by compromising an untrusted device.

Currently, the Tigress backend (the diversifying C virtualizer/obfuscator) is available for download here.


R-MATE vulnerabilities occur in a variety of settings, including
  1. The Advanced Metering Infrastructure} (AMI) for controlling the electrical power grid, where networked devices (smart meters) are installed at individual house-holds to allow two-way communication with control servers of the utility company. In an R-MATE attack against the AMI, a malicious consumer tampers with the meter to emulate an imminent blackout, or to trick a control server to send disconnect commands to other customers.
  2. MMOGs (massive multiplayer online games) are susceptible to R-MATE attacks since a malicious player who tampers with the game client can get an advantage over other players.
  3. Wireless sensors are often deployed in unsecured environments (such as theaters of war) where they are vulnerable to tampering attempts. A compromised sensor could be coached into supplying the wrong observations to a base station, causing real-world damage.
  4. Electronic health records (EHR) are typically protected by encryption while stored in databases and in transit to doctors' offices, but they are vulnerable to R-MATE attack if an individual doctor's client machine is compromised.

In our system, the trusted server overwhelms the untrusted client's analytical abilities by continuously and automatically generating and pushing to him diverse client code variants. The diversity subsystem employs a set of primitive code transformations that provide an ever-changing attack target for the adversary, making tampering difficult without this being detected by the server.


Grants

Tigress is supported through the following grants:

  1. September 2011---August 2013, Man-at-the-End Attacks: Defenses and Evaluation, National Science Foundation Grant CNF-1145913, $269,649, PI: Christian Collberg, co-PIs: Saumya Debray, Loukas Lazos.
  2. October 2009---September 2013, Theoretical and Practical Approaches to Remote White-Box Security, United States--Israel Binational Science Foundation grant BSF-2008362, $90,684, PI: Amir Hertzberg (Bar Ilan University, Israel), co-PIs: Christian Collberg, Shafi Goldwasser (MIT and Weizmann Institute).


Publications

  1. Patrick P.F. Chan, Christian Collberg, A Method to Evaluate CFG Comparison Algorithms QSIC'2014. pdf
  2. Christian Collberg, Sam Martin, Jonathan Myers, Jasvir Nagra, Distributed application tamper detection via continuous software updates, ACSAC'12.

Collaborators