REVELARE: A Hardware-Supported Dynamic Information Flow Tracking Framework for IoT Security and Forensics

Principal Investigator: Daniela Oliveira

Co-PI: Yier Jin

Sponsor: NSF

Start Date: August 8, 2018

End Date: July 31, 2021

Amount: $599,667

Abstract

The goal of this proposal is to implement REVELARE – a hardware-supported dynamic information flow tracking (DIFT) framework to enhance IoT security and forensics. It will consist of the following components: (i) a DIFT-enabling IP core for the ARM and the RISC-V architectures, which will complement the main processor with DIFT capabilities, (ii) two DIFT-based security policies (prevention of memory corruption and in-memory-only attacks) enforced by hardware whose accuracy is enhanced by the capture of DIFT indirect flows, and (iii) a mechanism for IoT virtualization-based security analysis and forensics, with the implementation of two types of security/forensics analyses: causality graphs, and personalized (per-device) anomaly detection via machine learning. The following outcomes will be generated: (i) the REVELARE proof-of-concept prototype, (ii) a DIFT-enabling IP core fabricated for the ARM and the RISC-V architectures, (iii) DIFT-based security policies for memory corruption and in-memory-only attacks, and (iv) a mechanism enabling comprehensive security and forensics analysis of IoT devices via IoT virtualization, with two security/forensics modules (causality graphs and anomaly detection).

More Information: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1801599&HistoricalAwards=false