Fall 2022 CS Cyber Security Reading Group


Members: Shubham Ayachit, Yashwanth Bandala, Dominika Bobik, Ethan Brinks, Yu Cai, Caleb Rother, Bo Chen (co-advisor), Haoyang Chen, Niusen Chen, Brandon Cox, Dev Sanghani, Josh Dafoe, Matthew Gervasi, Thomas Grifka, Trevor Hornsby, Stuart Hoxie, Ryan Klemm, Xinyu Lei (co-advisor), Xinyun Liu, Jean Mayo (co-advisor), Jacson Ott, Shuo Sun, Harsh Singh, Yuchen Wang, Drew Youngstrom, Xiaoyong Yuan



Detailed schedule:

Time: 2:00 – 3:00pm Friday, September 16, 2022

Location: Rekhi G009

Presenter:  Haoyang Chen

Title: Gradient-based Adversarial Attacks against Text Transformers

Abstract: We propose the first general-purpose gradient-based attack against transformer models. Instead of searching for a single adversarial example, we search for a distribution of adversarial examples parameterized by a continuous-valued matrix, hence enabling gradient-based optimization. We empirically demonstrate that our white-box attack attains state-of-the-art attack performance on a variety of natural language tasks. Furthermore, we show that a powerful black-box transfer attack, enabled by sampling from the adversarial distribution, matches or exceeds existing methods, while only requiring hard-label outputs.


Time: 2:00 – 3:00pm Friday, September 30, 2022

Location: Rekhi G009

Presenter:  Niusen Chen

Title: Enabling Accurate Data Recovery for Mobile Devices against Malware Attacks

Abstract: Mobile computing devices today suffer from various malware attacks. After the malware attack, it is challenging to restore the device’s data back to the exact state right before the attack happens. This challenge would be exacerbated if the malware can compromise the OS of the victim device, obtaining the root privilege. In this work, we aim to design a novel data recovery framework for mobile computing devices, which can ensure recoverability of user data at the corruption point against the strong OS-level malware. By leveraging the version control capability of the cloud server and the hardware features of the local mobile device, we have successfully built MobiDR, the first system which can ensure restoration of data at the corruption point against the malware attacks. Our security analysis and experimental evaluation on the real-world implementation have justified the security and the practicality of MobiDR.


Time: 3:00 – 4:00pm Friday, October 14, 2022

Location: Zoom (co-located with CS Colloquium)

Presenter:  Prof. Zhiqiang Lin (The Ohio State University)

Title: Rethinking the Security and Privacy of Bluetooth Low Energy

Abstract: In this talk, Dr. Lin will talk about a number of recently discovered security and privacy threats against the BLE, and the lessons learned from those threats. In particular, he will first discuss the protocol-level downgrade attack, an attack that can force the secure BLE channels into insecure ones to break the data integrity and confidentiality of BLE traffic. Then, he will introduce Bluetooth Address Tracking (BAT) attack, a new protocol-level attack discovered from his group, which can track randomized Bluetooth MAC addresses by using a novel allowlist-based side channel. Next, he will discuss the lessons learned, root causes of the attack, and its countermeasures.  Finally, he will conclude his talk by discussing future directions in Bluetooth security and privacy.


Time: 2:00 – 3:00pm Friday, October 28, 2022

Location: Rekhi G009

Presenter:  Harsh Singh

Title: M2Mon: Building an MMIO-based Security Reference Monitor for Unmanned Vehicles

Abstract: Unmanned Vehicles (UVs) often consist of multiple Micro Controller Units (MCUs) as peripherals to interact with the physical world, including GPS sensors, barometers, motors, etc. While the attack vectors for UV vary, a number of UV attacks aim to impact the physical world either from the cyber or the physical space, e.g., hijacking the mission of UVs via malicious ground control commands or GPS spoofing. This provides us an opportunity to build a unified and generic security framework defending against multiple kinds of UV attacks by monitoring the system’s I/O activities. Accordingly, we build a security reference monitor for UVs by hooking into the memory-mapped I/O (MMIO), namely M2MON. Instead of building upon existing RTOS, we implement M2MON as a microkernel running in the privileged mode intercepting MMIOs while pushing the RTOS and applications into the unprivileged mode. We further instantiate an MMIO firewall using M2MON and demonstrate how to implement a secure Extended Kalman Filter (EKF) within M2MON. Our evaluation on a real-world UV system shows that M2MON incurs an 8.85% runtime overhead. Furthermore, M2MON-based firewall is able to defend against different cyber and physical attacks. The M2MON microkernel contains less than 4K LoC comparing to the 3M LoC RTOS used in our evaluation. We believe M2MON provides the first step towards building a trusted and practical security reference monitor for UVs.