January 15, 2018

UC Riverside research will help protect military software from hackers

Outdated military software and hardware are vulnerable to attack

Author: Richard Chang

Heng Yin, associate professor of computer science and engineering.

The U.S. Department of Defense and other government agencies have outdated computers and software. That means their networks could be vulnerable to attack in today’s rapidly evolving digital environment, in which cyber security analysts are under constant pressure to keep up with the latest advances by hackers.

Heng Yin, an associate professor of computer science and engineering at the University of California, Riverside, is trying to solve this problem by securing decades-old legacy systems that are still instrumental. Yin was awarded a $4.68 million grant from the U.S. Office of Naval Research to pursue such research over a five-year term. Chengyu Song, an assistant professor of computer science and engineering at UCR, is a co-principal investigator on the grant.

“The programs are not maintained anymore, but they still need to use them,” said Yin of the programs run by the Navy and other government agencies. “The binary code may have lots of vulnerabilities.”

Yin and his team of researchers at UCR will be studying how to “harden” the code to prevent vulnerabilities from being exploited by hackers. This can involve removing from legacy software some functions that are not used but could be exploited by attackers.

Legacy software isn’t only used in government, Yin said, noting that everyday civilian life is riddled with old code, such as on civilian aircraft.

“If the attacker finds a way to exploit the system, that will be a disaster,” Yin said of the potential for a flight to be hacked.

Yin will not actually gain access to Department of Defense systems, however. Those are highly classified and require top-level security clearance. Yin will use other readily available software programs on the market, such as Adobe Reader and Microsoft Office, to develop the prototype and method for securing similar legacy systems used in government.

Adobe Reader is considered a binary program, which resembles the old code, according to Yin. For example, the research will examine how to remove certain features from Adobe Reader, such as JavaScript handling.

“Almost all malicious PDFs rely on JavaScript to exploit Adobe Reader,” Yin said. “The goal is really to push the boundaries for binary analysis,” Yin added. “This is the biggest challenge for us — to really push our analysis capability much further than the current status.”
