You are here
Colloquia - Yueqi Chen, Securing Operating System Kernels with Fewer Shots, Virtual, 4:25 - 5:25 pm
Securing Operating System Kernels with Fewer Shots
Attack surfaces are defects in software and hardware that can be misused by attackers to do undesired computations (e.g., steal credentials, leak private user data, and take control over the whole system). Previous efforts on mitigating attack surfaces aim at individual security incidents. As a consequence, software systems are integrated with too many ad-hoc protections while still not becoming secure. In this talk, I will present a systematic approach to understanding attack surfaces. This approach provides security analysts and developers with the ability to quantify the impact of attack surfaces and facilitate the development of universal and effective defense solutions. Technically, this approach consists of two steps - induction and deduction. The induction step abstracts the essential causality behind the individual attack incident and the deduction step applies the abstraction to different contexts (e.g., various systems independently created by different vendors). In this talk, I will exemplify this induction and deduction approach with a security incident in the Linux kernel. Following this, I will present a general and effective defense that is designed to mitigate the induced attack surfaces, and show how this defense is widely adopted in various Operating System kernels. In the future, I plan to further advance this systematic approach and make it a fundamental part of the entire software development lifecycles. More specifically, I will: 1) enrich induction and deduction techniques for more attack forms under new contexts, 2) improve the scalability of these techniques via automation, and 3) optimize and re-construct existing defenses to build a new and comprehensive architecture that mitigate attack surfaces in a quantitative approach.
Yueqi Chen received his B.Sc degree from Nanjing University. He is currently a fifth-year Ph.D. student at Pennsylvania State University and a predoctoral fellow with Dr. Xinyu Xing at Northwestern University. He was awarded the IBM Ph.D. Fellowship 2020-2022. In general, his research focuses on system security and software security. He is particularly interested in developing systematic approaches to inducing, deducting, and mitigating attack surfaces. Along this thread, he has published 10 papers in top-tier academic conferences, including IEEE S&P, USENIX Security, ACM CCS, NDSS, OOPSLA, ACM/IEEE ICSE, IEEE/ACM ASE as leading authors and co-authors over the past 4 years. In addition, he presented his works at CLK 2019, BlackHat Europe 2019, BlueHat IL 2020, LSS Europe 2020, BlackHat Aisa 2021, LSS North America 2021, BlackHat Europe 2021. His research works were covered by high-profile media (e.g., Dark Reading) and have received wide recognition from the industry, including Amazon, Apple, Baidu, Google, Grsecurity, IBM, JD.com, Linux Foundation, Microsoft, and Red Hat. His work is integrated into the internal threat alerting platform of JD.com. The new defenses in AutoSlab produced by Grsecurity and iPhone 13 series from Apple can find their prototypes in his works. As a team member of r3kapig and Nu1L, he participated in DEF CON 26 CTF Final and DECONF 29 CTF Final, and ranked 16th and 7th, respectively. He ranked 5th in NSA codebreaker 2017.