Skip to content

IEEE S&P

2023

Practical Program Modularization with Type-Based Dependence Analysis

TODO

WaVe: a verifiably secure WebAssembly sandboxing runtime

2022

Wobfuscator: Obfuscating JavaScript Malware via Opportunistic Translation to WebAssembly

WebAssembly provides attackers a new and so far unexplored opportunity for evading malware detectors.

Evaluation based on 3 RQ:

  • RQ1: Effectiveness
  • RQ2: Correctness
  • RQ3: Efficiency

Mitigating Information Leakage Vulnerabilities with Type-based Data Isolation

2020

SEIMI: Efficient and Secure SMAP-Enabled Intra-process Memory Isolation

Motivation: user-mode hardware features are not fast.

SMAP requires 8.6 cycles, faster than MPK (18.9 cycles).

Seperate processes and kernel: targeted process at ring 0, place OS kernel at ring -1.

Challenges

  1. Distinguishing SMAP reads and writes. (shared memory based read/write separation)
  2. Preventing the leaking/manipulating of the privileged data structures. (redirect syscall to vmcall)
  3. Prevent the abusing of the privileged hardware features. (identify privileged instructions and sanitizes)

SEIMI is a kernel module, including 3 key components:

  1. memory management
  2. privileged instructions prevention
  3. events redirection

2019

Spectre Attacks: Exploiting Speculative Execution

2009

Native Client: A Sandbox for Portable, Untrusted x86 Native Code

TODO