Cyber Security in the Age of Large-Scale Adversaries
DFG Cluster of Excellence CASA
IT security has become a central societal issue since networked devices have permeated our world. Hacker attacks against the Bundestag or large industrial plants prove the explosive nature of this problem. Today, many IT attacks come from large-scale attackers, especially from governmental or semi-governmental organizations. These adversaries are particularly worrisome because they act long-term and have significant technical capabilities and resources.
Countermeasures against these most powerful attackers are the focus of the Cluster of Excellence “Cyber Security in the Age of Large-Scale Adversaries”. The research follows an interdisciplinary approach, in which leading scientists with a technical orientation cooperate with researchers from psychology who investigate the interaction of human behavior and IT security. This constellation is unique in Europe.
RAINCOAT: Randomization in Secure Nano-Scale Microarchitectures
In order to maintain the increasing chip performance while simultaneously advancing miniaturization, manufactures of modern memory- and processing units are increasingly relying on highly optimized, parallelized microarchitectures. With recent microarchitectural attacks like Rowhammer, Spectre and Meltown, it has been demonstrated, that such optimizations may cause unforeseen security risks. With the introduction of novel nano-technology, this trend towards miniaturization of hardware components will continue. The aim of the project is to investigate the security-relevant implications of new technology building blocks, such as NRAM, and to develop countermeasures for possible attack vectors. At the same time, existing security gaps, induced e.g. by branch predictors, are to be closed. Such measures must not cancel out the performance advantage of the new technologies. Therefore, the special focus lies on randomization-based countermeasures. These methods have already proven to be particularly suitable in the area of runtime attacks (e.g., buffer overflows).
More Information: Raincoat.
CRC 1119 CROSSING
The goal of the Collaborative Research Center CROSSING is to provide cryptography-based security solutions enabling trust in new and next generation computing environments. Prof. Davi is principal investigator of the project S2 Attestation Protocols.
Project with NEC
In collaboration with NEC Laboratories Europe GmbH we investigate and develop security solutions in the area of software security.