AMD’s Secure Encrypted Virtualization (SEV) is a hardware extension available in AMD’s EPYC server processors to support confidential cloud computing. In this talk, we summarize a history of SEV’s design flaws, including its unencrypted VM states, unauthenticated memory encryption, unprotected nested page tables and I/O operations, as well as the ASID and TLB misuse. We will also present our discovery of a new breed of side channels on SEV (including recently released SEV-SNP), which we call ciphertext side channels. Unlike traditional micro-architecture side channels, ciphertext side channels do not rely on secret-dependent memory access patterns in the victim code. Therefore, many constant-time cryptographic code, including RSA and ECDSA in the latest OpenSSL library, can be broken by ciphertext side-channel attacks. Without a proper hardware mitigation, ciphertext side channels will become the Achilles heel of SEV-backed confidential computing platforms.

The robotic technology is rapidly integrated into every aspect of our life. Different types of robots and applications were designed to assist humans with many dangerous or tedious jobs. The main robotic framework is Robot Operating System (ROS), which has been widely adopted by both the research community and industry as the foundation or the testbed for robot apps. Compared to other traditional apps,robotic apps have more complexities as a variety of functions need to be integrated to complete different missions. They also exhibit more autonomy and control, enabling multiple robots to cooperate for efficiency improvement.However, these two features could bring various security threats to the robot apps.

 

In this talk, I will present new challenges as well as opportunities to the design and development of robotic systems and applications. We disclose that (1) existing public ROS package repository does not enforce security inspection, which enables an adversary to upload malicious packages for other developers to download and the robot apps will be compromised; (2) the current Secure ROSv2 equipped with security features have design flaws such that an adversarial user can fundamentally disable the access control and authentication protection. New defense solutions will also be discussed to mitigate the above security threats.

Memory and caches are essential components of modern computing systems,but traditionally they have been mainly designed for their functionality and performance,not for security. Recent cache side and covert channel attacks have shown us many vulnerabilities in such systems exist. This requires us to rethink the design of memory hierarchy, and especially consider security of all the components in the hierarchy.In the talk, I will first present my recent research on cache covert channels leveraging the cache replacement states in commercial processors. Different from the conventional cache covert channels,the sender in the novel covert channel does not have to trigger a cache miss,making the channel stealthier and harder to detect. I will further show how this covert channel breaks security of established secure cache designs. In the second part of the talk, I will dive lower in the memory hierarchy and present how to leverage the physical properties and manufacturing variations of DRAM cells for security. Specifically, I will show how the existing DRAMs in commodity devices can be used to create physically unclonable functions (PUFs), which can further be used for authentication and key storage at system runtime.

While decentralized identity (DID) promises to give users greater control over their private data, it burdens users with management of private keys, creating asignificant risk of key loss. Existing and proposed approaches also presume the spontaneous availability of a credential-issuance ecosystem, creating a bootstrapping problem. They also omit essential functionality, like resistance to Sybil attacks and the ability to detect misbehaving or sanctioned users while preserving user privacy.

In this talk, I’ll introduce CanDID [Oakland 21], a platform for practical,user-friendly realization of decentralized identity, the idea of empowering endusers with management of their own credentials. CanDID addresses these challenges by issuing credentials in a user-friendly way that draws securely and privately on data from existing, unmodified web service providers. Such legacy compatibility similarly enables CanDID users to leverage their existing online accounts for recovery of lost keys. Using a decentralized committee of nodes, CanDID provides strong confidentiality for user’s keys, real-world identities, and data, yet prevents users from spawning multiple identities and allows identification (and blacklisting) of sanctioned users.

I’ll present the CanDID architecture and its technical innovations and report on experiments demonstrating its practical performance.

JavaScript is notorious to analyze due to its flexibility let alone vulnerability detection. On one hand, prior works have proposed many program analysis based approaches to detect JavaScript vulnerabilities, such as command injection and prototype pollution, but they are specific to individual vulnerability and do not generalize to a wide range of vulnerabilities. On the other hand, prior works on C/C++ and PHP have proposed graph query-based approaches, such as Code Property Graph (CPG), to efficiently mine vulnerabilities, but they are not directly applicable to JavaScript due to the language’s extensive use of dynamic features.

In this talk, I am presenting our recent flow- and context-sensitive JavaScript static analysis with hybrid branch-sensitivity and points-to information to generate a novel graph structure, called Object Property Graph (OPG), using abstract interpretation. OPG represents JavaScript objects as nodes and their relations with Abstract Syntax Tree (AST) as edges, and accepts graph queries—especially on object lookups and definitions—for detecting Node.js vulnerabilities. Our implementation is open-source. Our evaluation on NPM packages reported 241 zero-day vulnerabilities, among which we have received 81 Common Vulnerabilities and Exposures (CVE) identifiers so far.

在侧信道(side channel)攻击中，攻击者能够通过一些系统外围的信息，例如执行时间、所用资源数量等，来获取一些更敏感的，系统或程序内部的机密。最新的研究表明，攻击者能够通过侧信道来得到诸如密钥的敏感信息，会对用户的安全与隐私造成极大的威胁。在这个报告中，我会主要介绍我在读博士期间做的两个工作：1）探索苹果手机系统(iOS)上的侧信道攻击面，2）应用差分隐私(differential privacy)来抵御流量分析攻击。在报告前半部分，我会介绍我们在iOS操作系统层面上的侧信道研究，也就是系统提供的公开的API引起的侧信道。我会介绍我们发现的一些公开的，造成侧信道隐私泄露的iOS API，并且说明我们是如何利用这些API来进行信息提取，例如预测当前运行在前台的程序等。之后我会介绍我们提出的防御方案，这些方案已经在iOS和MacOS中被采用。后半部分的报告主要讨论我们如何运用差分隐私来抵御流量分析攻击。我会介绍我们是如何将一些差分隐私的算法应用于保护用户在视频观看时的隐私的(例如Youtube)，以及我们如何在一个Chrome浏览器插件上实现这个功能的。

An operating-system (OS) kernel is arguably the most important piece of software in a computer. Modern OS kernels have become extremely large and complex, containing millions of lines of code. As a result, they are unfortunately very buggy, and a single security bug (or vulnerability) may compromise the whole computer. In this talk, I will first discuss sources of the security bugs. Both developers andcompilers can introduce security bugs. I will then present our recent research on automatically finding security bugs. We develop both static and dynamic techniques to enable whole-kernel analysis for scalable and precise bug detection. I will also discuss secure-by-design solutions to the kernel security. At last, I will briefly share our patching experience with OSS communities.

计算机系统正在发生重大转变。首先，物联网的爆炸式增长使用户能够通过感知接口（例如麦克风和摄像头）以新颖的方式与计算系统和物理环境进行交互。其次，机器学习算法会收集大量数据并对新计算系统做出关键决策。这些趋势带来了更多功能，并大幅增加了不受信任的算法、实现、接口的数量以及它们处理的私有数据量。因此，对现代计算系统的攻击（例如勒索软件攻击和数据泄露）变得越来越普遍。为了解决这些问题，我改变了平台设计人员对设计安全系统的看法，协助开发人员进行安全系统实施，并创建技术以促进更好的安全决策。

本次演讲将介绍我的团队如何设计原则性的解决方案，以确保现代和新兴计算平台的安全性和隐私性。我将使用两个平台作为示例来演示我们如何推进最先进的技术以增强安全性和隐私性。首先，我将谈谈我们如何检测基于人工智能的语音控制设备中的安全和隐私问题。其次，我将展示我们为不断提高 OAuth 协议实现（一种流行的复杂三方身份验证协议）的安全性所做的工作。