publications
ROLoad: Securing Sensitive Operations with Pointee Integrity
Protect sensitive operations with hardware support.
新闻动态
2021
publications
publications
VScape: Assessing and Escaping Virtual Call Protections
Bypass virtual protections towards AEG.
publications
Sharing More and Checking Less: Leveraging Common Input Keywords to Detect Bugs in Embedded Systems
Finding vulnerabilities in embedded systems
publications
MAZE: Towards Automated Heap Feng Shui
Manipulate heap layouts automatically.
talks
软硬协同的系统隔离机制
Abstract:
CPU厂商不断推出新的硬件安全与隔离的特性,Intel在最近6年发布的相关特性数量已经超过了之前的总和,利用好这些特性需要软硬件协同的设计。本次报告首先介绍了系统隔离机制作为信息产业基础设施,在云端、移动端等场景下对故障隔离和数据保护的基础性作用,然后介绍底层相关软硬件的发展现状、面临的挑战与机遇,最后介绍我们应对这些挑战所作的一些研究工作,包括已开源的RISC-V平台Enclave系统——“蓬莱”等。 talks
软件供应链视角下的漏洞攻防
Abstract:
漏洞攻防是软件安全领域的经典研究主题。然而,随着软件行业的飞速发展,软件的研发过程已经演进为上下游紧密依赖的软件供应链模式。在软件供应链生态中,下游软件系统的漏洞管理和防护非常重要,但是却存在诸多挑战。本次报告将从漏洞的修复评估方法出发,系统性的介绍软件供应链视角下漏洞攻防研究面临的若干困难并分享目前已取得的一些初步进展。 publications
Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks
This work explored the vulnerabilities of the chain-based authentication structure in the email ecosystem. We conducted a large-scale analysis of 30 popular email services and 23 email clients.
publications
Code is the (F)Law: Demystifying and Mitigating Blockchain Inconsistency AttacksCaused by Software Bugs
Exploit vulnerabilities in blockchains
projects
网络扫描器:XMap
Published:
摘要
XMap 是一款兼含 IPv6 与 IPv4 网络空间探测功能的快速扫描器,并且也是第一款学术界+工业界中专门用于 IPv6 资产快速扫描的工具。其参考 ZMap 的原理进行开发,从底层完全改写了 ZMap 的核心代码,将 ZMap 在 IPv4 网络空间的多种扫描优势移植到 IPv6 空间,并且结合我们自身最新的研究发现,增添了 IPv6 设备快速发现技术以及多端口扫描功能,且完全兼容 ZMap,具备“5分钟”扫描32位网络空间的能力。 publications
POP and PUSH: Demystifying and Defending against (Mach) Port-Oriented Programming
Mitigate port-oriented programming attacks for macOS
publications
Argot: Generating Adversarial Readable Chinese Texts
Generate adversarial Chinese texts with Glyph and Pinyin mutation.