Fall 2022 CS Cyber Security Reading Group
Members: Shubham Ayachit, Yashwanth Bandala, Dominika Bobik, Ethan Brinks, Yu Cai, Caleb Rother, Bo Chen (co-advisor), Haoyang Chen, Niusen Chen, Brandon Cox, Dev Sanghani, Josh Dafoe, Matthew Gervasi, Thomas Grifka, Trevor Hornsby, Stuart Hoxie, Ryan Klemm, Xinyu Lei (co-advisor), Xinyun Liu, Jean Mayo (co-advisor), Jacson Ott, Shuo Sun, Harsh Singh, Yuchen Wang, Drew Youngstrom, Xiaoyong Yuan
Detailed schedule:
Time: 2:00 – 3:00pm Friday, September 16, 2022
Location: Rekhi G009
Presenter: Haoyang Chen
Title: Gradient-based Adversarial Attacks against Text Transformers
Abstract: We propose the first
general-purpose gradient-based attack against transformer models. Instead of
searching for a single adversarial example, we search for a distribution of
adversarial examples parameterized by a continuous-valued matrix, hence
enabling gradient-based optimization. We empirically demonstrate that our
white-box attack attains state-of-the-art attack performance on a variety of
natural language tasks. Furthermore, we show that a powerful black-box transfer
attack, enabled by sampling from the adversarial distribution, matches or
exceeds existing methods, while only requiring hard-label outputs.
Time: 2:00 – 3:00pm Friday, September 30, 2022
Location: Rekhi G009
Presenter: Niusen Chen
Title: Enabling Accurate Data Recovery for Mobile Devices against Malware Attacks
Abstract: Mobile computing
devices today suffer from various malware attacks. After the malware attack, it
is challenging to restore the device’s data back to the exact state right
before the attack happens. This challenge would be exacerbated if the malware
can compromise the OS of the victim device, obtaining the root privilege. In
this work, we aim to design a novel data recovery framework for mobile
computing devices, which can ensure recoverability of user data at the
corruption point against the strong OS-level malware. By leveraging the version
control capability of the cloud server and the hardware features of the local
mobile device, we have successfully built MobiDR, the
first system which can ensure restoration of data at the corruption point
against the malware attacks. Our security analysis and experimental evaluation
on the real-world implementation have justified the security and the
practicality of MobiDR.
Time: 3:00 – 4:00pm Friday, October 14, 2022
Location: Zoom (co-located with CS Colloquium)
Presenter: Prof. Zhiqiang Lin (The Ohio State University)
Title: Rethinking the Security and Privacy of Bluetooth Low Energy
Abstract: In this talk, Dr. Lin
will talk about a number of recently discovered security and privacy threats
against BLE, and the lessons learned from those threats. In particular, he
will first discuss the protocol-level downgrade attack, an attack that can
force the secure BLE channels into insecure ones to break the data integrity
and confidentiality of BLE traffic. Then, he will introduce the Bluetooth Address
Tracking (BAT) attack, a new protocol-level attack discovered by his group,
which can track randomized Bluetooth MAC addresses by using a novel allowlist-based side channel. Next, he will discuss the
lessons learned, root causes of the attack, and its countermeasures. Finally, he will conclude his talk by
discussing future directions in Bluetooth security and privacy.
Time: 2:00 – 3:00pm Friday, October 28, 2022
Location: Rekhi G009
Presenter: Harsh Singh
Title: M2Mon: Building an MMIO-based Security Reference Monitor for Unmanned Vehicles
Abstract: Unmanned Vehicles (UVs)
often consist of multiple Micro Controller Units (MCUs) as peripherals to
interact with the physical world, including GPS sensors, barometers, motors,
etc. While the attack vectors for UV vary, a number of UV attacks aim to impact
the physical world either from the cyber or the physical space, e.g., hijacking
the mission of UVs via malicious ground control commands or GPS spoofing. This
provides us an opportunity to build a unified and generic security framework
defending against multiple kinds of UV attacks by monitoring the system’s I/O
activities. Accordingly, we build a security reference monitor for UVs by
hooking into the memory-mapped I/O (MMIO), namely M2MON. Instead of building
upon existing RTOS, we implement M2MON as a microkernel running in the
privileged mode intercepting MMIOs while pushing the RTOS and applications into
the unprivileged mode. We further instantiate an MMIO firewall using M2MON and
demonstrate how to implement a secure Extended Kalman Filter (EKF) within M2MON.
Our evaluation on a real-world UV system shows that M2MON incurs an 8.85%
runtime overhead. Furthermore, M2MON-based firewall is able to defend against
different cyber and physical attacks. The M2MON microkernel contains less than
4K LoC compared to the 3M LoC RTOS used in our evaluation. We believe M2MON
provides the first step towards building a trusted and practical security
reference monitor for UVs.