報告題目：Cache-based Attack and Defense on IoT Systems
While decades of research and deployment, such as stack cookies, W norX, address space layout randomization, etc., have successfully reducedthe attack surface of memory corruptions in IoT systems, a new attacksurface, the CPU caches, has emerged. In particular, cache residentmalware and cache side-channel attacks have shown their destructivepower: 1) cache resident malware evades memory inspection by usingCache-as-RAM techniques to load malicious code only in cache but notin RAM. Leveraging the cache incoherence of mobile and IoT trustedexecutionenvironments (TEE), such as ARM TrustZone, new stealthycache resident malware can even bypass the introspection from thehighest privilege level; 2) cacheside-channel attacks exploit thetime differences between a cache hit and a cache miss to infersensitive information to which attackers otherwise do not have accessto. These attacks are effective in stealing cryptographic keys fromvictim programs and virtual machines, tracing the execution ofprograms, and performing other malicious actions. In this talk, I willdiscuss my recent research on advancing both the attack and defense ofcache resident malware and cache side-channel attacks on mobile andIoT systems.
Ziming Zhao is an Assistant Professor at Rochester Institute ofTechnology, USA. He directs the CyberspACe securiTy and forensIcs lab(CactiLab, http://cactilab.rit.edu; http://zimingzhao.info). Hereceived his PhD degree in Computer Science from Arizona StateUniversity. His research foci include system and software security,network security, usable and user-centric security, cybercrime andthreat intelligence analytics. His research has led to 50+publications in security conferences and journals, including IEEE S&P,USENIX Security, NDSS, CCS, ACSAC, ESORICS, TISSEC, etc. He was thegeneral co-chair of ACM CODASPY 2018 and co-founder of ACM Workshop onAutomobile Cybersecurity. He is recruiting self-motivated PhD studentsto work on cybersecurity.