μ-site

Welcome to the official blog of μCSRL!

The Munich Computer System Research Laboratory, μCSRL for short, is a research lab at the National Cyber Defense Research Institute CODE at the Universität der Bundeswehr, München, directed by Stefan Brunthaler. This web page hosts all public artifacts of the research group, including blog posts, essays, source code, and tools.

Research

As of Q1 2024, μCSRL conducts the following research projects. We have been quite active over the past couple of years and thus expect to publish multiple papers in 2024.

Fuzzing: μ-fuzz

Bundles our research activities in automated vulnerability identification via fuzzing. Our objective for this project is the investigation of combinatorial optimization of fuzzing on clusters. To support this project, we have a state-of-the-art fuzzing cluster with 1,200+ CPUs.

Language-based Security – Software Diversity: μ-proteus

Bundles our research activities in software diversification. Our recent milestones include:

Leakage-resilient Diversity

The goal of this line of research is to mitigate advanced code-reuse attacks, such as direct and indirect JIT-ROP, COOP, AOCR, and PIROP. Broadly speaking, the idea is to combine software diversity with so-called execute-only memory (XOM). Prof. Brunthaler co-authored one of the most highly cited articles in this area, called Readactor, which combined the first hardware-supported XOM with advanced code diversification, including code-pointer hiding. Due to emergent security problems of code-pointer hiding, which resulted in the Address-Oblivious Code Reuse (AOCR) attack, our research group continued improving diversification techniques to mitigate even the most advanced code-reuse attacks. In 2023, we were able to publish this defense, R2C - Reactive and Reflective Camouflage, which, to the best of our knowledge, is the only effective and efficient defense to date.

Versatile Diversity

Besides code-reuse attacks, we published the first paper aimed at preventing Rowhammer attacks with principles underlying software diversity. Similarly, we published a defense against timing-based cache side channels, based on our discovery of a new technique called control-flow diversity.

Supply-Chain Attacks: μ-c

We are actively investigating how to address supply-chain attacks at compile time by developing our own compiler infrastructure. This compiler combines our state-of-the-art software diversification techniques and offers support for C and multiple backends.

Decompilation: μ-dc

We examine novel techniques in decompiling programs, i.e., the process of producing source code from programs in binary form.

Interpreter Optimization: μ-python

Bundles our research activities in interpreter optimization. Our present research efforts deal with purely interpretative optimizations, i.e., trying to avoid dynamic code generation altogether. The key insight of Prof. Brunthaler’s work from 2010 until 2014 was that an interpreter can do pretty much the same things as a JIT compiler. A series of optimizations addressed various shortcomings in isolation, such as providing type feedback via inline caching, or eliminating reference count operations. Later on, these techniques were combined to also eliminate the overhead of operating on boxed objects (see Multi-Level Quickening). Multi-level quickening provided substantial speedups of up to 5.5x, but did not convince the reviewers in 2012, 2013, and 2014.

Since version 3.10, Python has adopted the former optimization techniques, i.e., quickening-based inline caching, and it will adopt the latter technique in future versions. As a result, this line of research, although academically unsuccessful, is used by millions of people on a daily basis.

Recent Publications

Full list of publications

Presentations

Essays

The following essays are available: