Tudor Dumitras - US grants

Software vulnerabilities are an important vector for malware delivery. The software updating mechanisms, responsible for deploying the vulnerability patches, are in a race with the cyber attackers seeking to exploit the vulnerabilities. Moreover, these updating mechanisms have multiple, potentially conflicting, design goals, as they must quickly deploy patches on millions of hosts worldwide, must not overburden the users, and must avoid breaking dependencies in the deployment environment. 

This project aims to model the dynamics of vulnerable host populations, in order to assess the practical barriers for current software updating mechanisms and the conflicts among their security and reliability goals. Using real-world data sets of update deployment events, the research studies the decay of vulnerable host populations empirically to identify deployment-specific factors that delay updates. Building on these insights, the project develops parameterized analytical models for update deployment, and uses these models to quantify the trade-offs between reliability and security when updating software. The models provide principled methods for reasoning about the properties of software updates in the presence of multiple design goals and enable improvements in software updating mechanisms by exploring a large design space. The researchers are disseminating the results from this project by organizing workshops on data-driven security, by releasing data sets with augmented information about software vulnerabilities, and by collaborating with industry partners to evaluate the proposed techniques in real-world settings.

The Public Key Infrastructure (PKI), along with the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, are responsible for securing Internet transactions such as banking, email, and e-commerce; they provide users with the ability to verify with whom they are communicating online, and enable encryption of those communications. While the use of the PKI is mostly automated, there is a surprising amount of human intervention in management tasks that are crucial to its proper operation. As a result, there have been numerous instances where mismanagement of the PKI has harmed the security of end users. This project is developing techniques to better understand and improve the management of the PKI, helping to better secure the Internet.

This project has four research foci, each examining the management challenges faced by different players in the PKI: Content Distribution Network (CDN) administrators, Certificate Authorities (CAs), end-users, and non-Web protocols. First, the project is conducting measurements to better understand the frequency of sharing private keys between sites and their CDNs, and to improve the security of this practice. Second, the project is developing new incentives for CAs to ensure information about their revoked certificates reach end users. Third, the project is aiming to better understand how the PKI will evolve as the Internet of Things (IoT) grows and the PKI is forced to quickly scale up. Fourth, the project will expand existing measurement approaches to understand the difficulties of PKI management in non-Web protocols (e.g., IMAPS), which have traditionally been less-well maintained.