ERC Advanced Grant for computer scientist Herbert Bos

Share

11 April 2024

Herbert Bos, professor of computer science, has been awarded an Advanced Grant from the European Research Council (ERC) for his research program "Ghostbuster," aimed at thwarting the most sophisticated attacks by hackers.

Insecure hardware
All security in computer systems revolves around the "bottom layer": the hardware. If that isn't secure, virtually all security guarantees are invalidated. Unfortunately, today's hardware is not secure, according to Bos. The most advanced attacks currently available to attackers exploit vulnerabilities in the CPU-in other words, in the hardware. Ghostbuster is a research program designed to stop these attacks.

Identifying code fragments
Such attacks are termed "transient execution attacks" and allow attackers to leak sensitive information even if there are no software bugs present. "If we focus solely on these attacks, it's already a massive scientific challenge to thwart them, but it becomes even more difficult when they're combined with other types of vulnerabilities, such as software flaws," says Bos. "At present, there's no way to even detect such hybrid attacks, let alone stop them," he explains.

Vulnerabilities can only be exploited if software interacts with the processor in a certain way. Since chip manufacturers have indicated that they cannot fix all vulnerabilities in their processors because it would significantly degrade computer performance, we must turn to software for protection. Bos: "The hope is that within the software we use, we can identify all code fragments vulnerable to such attacks and modify them to make them secure. Unfortunately, finding vulnerable code fragments is very challenging. We will investigate whether this can be done automatically."

Fundamental preconditions
Unlike existing 'ad-hoc' solutions that detect fragments through pattern recognition, Ghostbuster employs a more principled approach, studying the underlying preconditions that enable attacks. "Thus, it models the fundamental conditions of (steps in) an attack and translates the models into detectors that enable us to determine if such an attack is possible," Bos explains. "After detecting the code that appears vulnerable, it conducts additional, more computationally intensive exploitability analysis and, if necessary, addresses the issue by rewriting the software so that (part of) the conditions are no longer met."

Bio
Herbert Bos leads the VUSec Systems Security research group. In 2023, he was appointed as a member of the Electoral Council by royal decree, the central body and advisory body for Dutch elections. He is also a member of the Cyber Security Council (CSR), a national, independent advisory body of the Dutch government and industry.