artificial intelligence

Extending Biology Models with Deep NLP over Scientific Articles

This paper describes R3 (Reading, Reasoning, and Reporting), our system for deep language understanding and model management for the biomedical domain. Starting from a base BioPAX model, we learn extensions to it by reading biomedical research articles from PubMed Central. We describe the particular issues for text understanding in this domain and how we use pre- and post-analysis reasoning to bridge the differences in how knowledge is packaged in a text versus a biomedical database.

FUZZBUSTER: Towards Adaptive Immunity from Cyber Threats

Today’s computer systems are under relentless at- tack from cyber attackers armed with sophisticated vulnerabil- ity search and exploit development toolkits. To protect against such threats, we are developing FUZZBUSTER , an automated system that provides adaptive immunity against a wide variety of cyber threats. FUZZBUSTER reacts to observed attacks and proactively searches for never-before-seen vulnerabilities. FUZZBUSTER uses a suite of fuzz testing and vulnerability assessment tools to find or verify the existence of vulnerabilities.

Automatically Repairing Stripped Executables with CFG Microsurgery

BINSURGEON is a binary rewriting system that enhances stripped binary executables with repairs, defenses, and additional functionality. This involves making space-consuming changes to the program’s control flow graph (CFG), recomputing instruction content, and relocating instructions, all while preserving functionality in the remainder of the program’s control flow. BINSURGEON uses extendable rewrite templates that enable other systems to specify and parameterize program modifications, which allows BINSURGEON to be a fully-automatic component of a larger system.

Self-Adaptation Metrics for Active Cybersecurity

FUZZBUSTER is a host-based adaptive security system that automatically discovers, refines, and repairs vulnerabilities in hosted applications in order to prevent cyberattacks. FUZZBUSTER must decide when to adapt its applications, when to revoke its previous adaptations, and when to sacrifice functionality to improve security. This requires an adaptation quality metric that captures (1) an application’s susceptibility to cyberattacks and (2) an application’s functionality, since adapting an application affects both of these factors.

Meta-control for Adaptative Cybersecurity in FUZZBUSTER

Modern cyber attackers use sophisticated, highly-automated vulnerability search and exploit development tools to find new ways to break into target computers. To protect against such threats, we are developing FUZZBUSTER, a host-based adaptive security system that automatically discovers faults in hosted applications and incrementally refines and repairs the underlying vulnerabilities. To perform this self-adaptation, FUZZBUSTER uses meta-control to coordinate a diverse and growing set of custom and off-the-shelf fuzz-testing tools.

Automated Fault Analysis and Filter Generation for Adaptive Cybersecurity

We are developing the FUZZBUSTER system to automatically identify software vulnerabilities and create adaptations that shield or repair those vulnerabilities before attackers can exploit them. Adaptive cybersecurity involves efficiently improv- ing software security to minimize the window of attack, and also preserving software functionality as much as possible. This paper presents new tools that have been integrated into FUZZBUSTER adaptive cybersecurity.

Improving Automated Cybersecurity by Generalizing Faults and Quantifying Patch Performance

We are developing the FUZZBUSTER system to automatically identify software vulnerabilities and create adaptations that shield or repair those vulnerabilities before attackers can exploit them. FUZZBUSTER’s goal is to minimize the time that vulnerabilities exist, while also preserving software functionality as much as possible. This paper presents new adaptive cybersecurity tools that we have integrated into FUZZBUSTER, as well as new metrics that FUZZBUSTER uses to assess their performance.

Chronomorphic Programs: Using Runtime Diversity to Prevent Code Reuse Attacks

Return Oriented Programming (ROP) attacks, in which a cyber attacker crafts an exploit from instruction sequences already contained in a running binary, have become popular and practical. While previous research has investigated software diversity and dynamic binary instrumentation for defending against ROP, many of these approaches incur large performance costs or are susceptible to Blind ROP attacks.

Using Concolic Testing to Refine Vulnerability Profiles in FUZZBUSTER

Vulnerabilities in today’s computer systems are relentlessly exploited by cyber attackers armed with sophisti- cated vulnerability search and exploit development toolkits. To protect against such threats, we are developing FUZZBUSTER, an automated system that provides adaptive immunity against a wide variety of cyber threats. FUZZBUSTER uses custom and off-the-shelf fuzz-testing tools to find vulnerabilities, create vulnerability profiles identifying the inputs that drive target programs to the corresponding faults, and synthesize adap- tations that prevent future exploits.