Race Vulnerability Study and Hybrid Race Detection
Lead PI:
Jonathan Aldrich
Abstract

The prevalence of multi-core systems has resulted in increasingly common concurrency faults, challenging computer systems' reliability and security.  Races, including low-level data races and high-level atomicity violations, are one of the most common concurrency faults.  Races impair not only the correctness of programs, but may also threaten system security in a variety of ways.  It is therefore critical to efficiently and precisely detect races in order to defend against attacks.

Existing race detectors fall into two categories: static and dynamic approaches.  However, neither category alone has produced satisfactory results so far.  Static approaches are generally complete, that is, they rarely miss races, but they suffer from false positives.  In contrast, dynamic race detectors can ensure soundness but their runtime overhead is prohibitively high.  The purpose of this research is to gain a better scientific understanding of vulnerabilities due to races, and to evaluate the hypothesis that a hybrid race-detection mechanism can combine the benefits of static and dynamic approaches, providing a more effective means of addressing race-related vulnerabilities.

Our Team

Jonathan Aldrich, PI

Du Li, Post-Doctoral Associate

Matthew Dwyer, Collaborator

Witawas Srisa-an, Collaborator

Scientific Questions.  We plan to pursue the purpose described above by answering the following scientific questions:

  • How do races introduce security vulnerabilities in real world systems?
  • Can existing security tools effectively identify and eliminate the vulnerabilities caused by races?
  • Can static analysis help dynamic race detectors to reduce runtime overhead?
  • Can dynamic analysis help static race detectors to rule out false warnings?
  • Can we build a hybrid approach efficient enough for deployed systems while maintaining high coverage for races?
  • Can such an approach help to identify and mitigate race-related vulnerabilities in practice?

Activities.  This project incorporates the following thrusts:

  1. Conduct an empirical study on security vulnerabilities in real world systems based on public data such as reports in the National Vulnerability Database (NVD).  Evaluate how well existing tools deal with these vulnerabilities.
  2. Build a dynamic race detector that uses static analysis to filter out unnecessary monitoring for operations that cannot contribute to enhancing race coverage.
  3. Employ a smart sampling mechanism to control runtime overhead without losing too much race coverage based on the potential race distribution information produced by static analysis.
  4. Compare the performance, scalability, soundness (relevant to usability), and completeness of our race detector with state-of-the-art race detectors on widely used benchmark suites, and on challenge problems identified in the security vulnerability study. 
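To make thrusts 2 and 3 concrete, the following is an added illustration (not code from this project) of the hybrid idea: a static phase decides which variables can possibly be touched by more than one thread, and the dynamic phase then runs an Eraser-style lockset check only over accesses to those variables, so thread-local accesses cost nothing at runtime. The trace format, the per-thread variable summary that stands in for a real escape or points-to analysis, and the sample events are all constructed here for the example.

```python
"""Added example: a toy hybrid race detector (static pre-filter + dynamic lockset check).
Trace format, thread/variable tables and both analyses are constructed for illustration;
they are not the project's implementation."""
from collections import namedtuple

# One access in a constructed execution trace: which thread did it, whether it was a
# read ('r') or write ('w'), which variable it touched, and the locks held at the time.
Event = namedtuple("Event", "thread op var locks")


def static_shared_vars(thread_vars):
    """Static phase (stand-in for an escape/points-to analysis): a variable that only
    one thread can ever reach cannot race, so it never needs runtime monitoring.
    thread_vars maps thread id -> set of variables that thread may access (assumed
    to be produced by a static analysis)."""
    seen = {}
    for thread, variables in thread_vars.items():
        for v in variables:
            seen.setdefault(v, set()).add(thread)
    return {v for v, threads in seen.items() if len(threads) > 1}


def lockset_races(trace, monitored):
    """Dynamic phase: Eraser-style lockset algorithm restricted to `monitored`.
    For each variable keep the intersection of the lock sets held across all of its
    accesses. Once two threads have touched it, at least one access was a write and
    no lock was held consistently, the variable is reported as a race candidate.
    Returns (sorted race variables, number of events actually processed)."""
    candidate = {}   # var -> locks held at every access so far
    threads = {}     # var -> threads that accessed it
    written = set()  # vars with at least one write
    races = set()
    processed = 0
    for ev in trace:
        if ev.var not in monitored:
            continue            # static phase proved this access cannot race
        processed += 1
        locks = frozenset(ev.locks)
        candidate[ev.var] = candidate.get(ev.var, locks) & locks
        threads.setdefault(ev.var, set()).add(ev.thread)
        if ev.op == "w":
            written.add(ev.var)
        if (len(threads[ev.var]) > 1 and ev.var in written
                and not candidate[ev.var]):
            races.add(ev.var)
    return sorted(races), processed


def run_hybrid(trace, thread_vars):
    """Static filter first, then monitor only the variables that survive it."""
    return lockset_races(trace, static_shared_vars(thread_vars))


def run_dynamic_only(trace):
    """Baseline: monitor every access, which is what a pure dynamic detector pays for."""
    return lockset_races(trace, {ev.var for ev in trace})


# Constructed static summary: which variables each thread may touch.
THREAD_VARS = {
    "T1": {"balance", "counter", "config", "local_buf"},
    "T2": {"balance", "counter", "config"},
}

# Constructed trace: `balance` is always guarded by lock m, `config` is read-only,
# `local_buf` is thread-local, and `counter` is written by both threads with no lock.
TRACE = [
    Event("T1", "w", "balance", {"m"}),
    Event("T2", "r", "balance", {"m"}),
    Event("T1", "w", "local_buf", set()),
    Event("T1", "r", "config", set()),
    Event("T2", "r", "config", set()),
    Event("T1", "w", "counter", set()),
    Event("T2", "w", "counter", set()),
    Event("T1", "w", "local_buf", set()),
]

if __name__ == "__main__":
    print("dynamic only:", run_dynamic_only(TRACE))       # (['counter'], 8)
    print("hybrid      :", run_hybrid(TRACE, THREAD_VARS))  # (['counter'], 6)
```

Both runs report the same race on `counter`, but the hybrid run inspects six of the eight events because the two `local_buf` accesses were discarded statically; on real programs the discarded fraction is where the runtime saving comes from. The lockset check only finds low-level data races: a high-level atomicity violation, such as a check-then-act sequence in which each access is individually locked, keeps a non-empty lockset and is invisible to this algorithm, which is why the abstract treats atomicity violations as a separate class.
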

Jonathan Aldrich

Jonathan Aldrich is an Associate Professor in the School of Computer Science. He does programming languages and software engineering research focused on developing better ways of expressing and enforcing software design within source code, typically through language design and type systems. Jonathan works at the intersection of programming languages and software engineering. His research explores how the way we express software affects our ability to engineer software at scale. A particular theme of much of his work is improving software quality and programmer productivity through better ways to express structural and behavioral aspects of software design within source code. Aldrich has contributed to object-oriented typestate verification, modular reasoning techniques for aspects and stateful programs, and new object-oriented language models. For his work specifying and verifying architecture, he received a 2006 NSF CAREER award and the 2007 Dahl-Nygaard Junior Prize. Currently, Aldrich is excited to be working on the design of Wyvern, a new modularly extensible programming language.