实用型可搜索加密在允许一定信息泄露的前提下实现了对存储在云端密态数据的高效搜索。当前实用型密态数据搜索应用系统（如ShadowCrypt等）的构建主要基于一种名为“efficiently deployable, efficiently searchable encryption”(EDESE)的可搜索加密方案。针对EDESE方案所泄露的信息，本报告将介绍一种针对此类信息泄露的新型被动式攻击方法，进一步揭露了实用型可搜索加密信息泄露的危害。

talks
软硬协同的系统隔离机制

14:00-15:30pm May 20, 2021

academic talk @ 腾讯会议, Tsinghua University, Beijing

Speaker: 夏虞斌（上海交通大学）

Abstract:

CPU厂商不断推出新的硬件安全与隔离的特性，Intel在最近6年发布的相关特性数量已经超过了之前的总和，利用好这些特性需要软硬件协同的设计。本次报告首先介绍了系统隔离机制作为信息产业基础设施，在云端、移动端等场景下对故障隔离和数据保护的基础性作用，然后介绍底层相关软硬件的发展现状、面临的挑战与机遇，最后介绍我们应对这些挑战所作的一些研究工作，包括已开源的RISC-V平台Enclave系统——“蓬莱”等。

talks
软件供应链视角下的漏洞攻防

14:00-15:30pm May 13, 2021

academic talk @ 腾讯会议, Tsinghua University, Beijing

Speaker: 张源（复旦大学）

Abstract:

漏洞攻防是软件安全领域的经典研究主题。然而，随着软件行业的飞速发展，软件的研发过程已经演进为上下游紧密依赖的软件供应链模式。在软件供应链生态中，下游软件系统的漏洞管理和防护非常重要，但是却存在诸多挑战。本次报告将从漏洞的修复评估方法出发，系统性的介绍软件供应链视角下漏洞攻防研究面临的若干困难并分享目前已取得的一些初步进展。

publications
Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks

USENIX Security 2021

Kaiwen Shen , Chuhan Wang , Minglei Guo , Xiaofeng Zheng , Chaoyi Lu , Baojun Liu , Yuxuan Zhao , Shuang Hao , Haixin Duan , Qinfeng Pan , Min Yang .

This work explored the vulnerabilities of the chain-based authentication structure in the email ecosystem. We conducted a large-scale analysis of 30 popular email services and 23 email clients.

publications
Code is the (F)Law: Demystifying and Mitigating Blockchain Inconsistency AttacksCaused by Software Bugs

INFOCOM 2021

Guorui Yu , Shibin Zhao , Chao Zhang , Zhiniang Peng , Yuandong Ni , Xinhui Han .

Exploit vulnerabilities in blockchains

projects
网络扫描器：XMap

Published: April 02, 2021

摘要

XMap 是一款兼含 IPv6 与 IPv4 网络空间探测功能的快速扫描器，并且也是第一款学术界+工业界中专门用于 IPv6 资产快速扫描的工具。其参考 ZMap 的原理进行开发，从底层完全改写了 ZMap 的核心代码，将 ZMap 在 IPv4 网络空间的多种扫描优势移植到 IPv6 空间，并且结合我们自身最新的研究发现，增添了 IPv6 设备快速发现技术以及多端口扫描功能，且完全兼容 ZMap，具备“5分钟”扫描32位网络空间的能力。

publications
POP and PUSH: Demystifying and Defending against (Mach) Port-Oriented Programming

NDSS 2021

Min Zheng , Xiaolong Bai , Yajin Zhou , Chao Zhang , Fuping Qu .

Mitigate port-oriented programming attacks for macOS

publications
Argot: Generating Adversarial Readable Chinese Texts

IJCAI 2021 , download

Zihan Zhang , Mingxuan Liu , Chao Zhang , Yiming Zhang , Zhou Li , Qi Li , Haixin Duan , Donghong Sun .

Generate adversarial Chinese texts with Glyph and Pinyin mutation.

2020

hacking
2020年字节范儿-高校挑战赛决赛

December 12, 2020

Team: Redbud
Rank: 1
Core Players from NISL: Linkai Zheng , Minglei Guo , Siqi Wang , Chuhan Wang , Hao Wang , Zheming Li , Yuxuan Wang .

talks
On Manually Reverse Engineering Communication Protocols of Linux Based IoT Systems

14:00-15:30pm December 10, 2020

academic talk @ tencent, Tsinghua University, Beijing

Speaker: 凌振（东南大学）

Abstract:

IoT security and privacy has raised grave concerns. Efforts have been made to design tools to identify and understand vulnerabilities of IoT systems. Most of the existing protocol security analysis techniques rely on a well understanding of the underlying communication protocols. In this talk, we systematically present the first manual reverse engineering framework for discovering communication protocols of embedded Linux based IoT systems. We have successfully applied our framework to reverse engineer a number of IoT systems. The discovered protocols expose severe design flaws that allow attackers to control or deny the service of victim IoT devices. Our manual reverse engineering framework is generic and can be applied to both read-only and writable Embedded Linux filesystems.

[email protected]

新闻动态

2021

publications
ROLoad: Securing Sensitive Operations with Pointee Integrity

publications
VScape: Assessing and Escaping Virtual Call Protections

publications
Sharing More and Checking Less: Leveraging Common Input Keywords to Detect Bugs in Embedded Systems

publications
MAZE: Towards Automated Heap Feng Shui

talks
实用型可搜索加密被动式攻击方法

Abstract:

talks
软硬协同的系统隔离机制

Abstract:

talks
软件供应链视角下的漏洞攻防

Abstract:

publications
Weak Links in Authentication Chains: A Large-scale Analysis of Email Sender Spoofing Attacks

publications
Code is the (F)Law: Demystifying and Mitigating Blockchain Inconsistency AttacksCaused by Software Bugs

projects
网络扫描器：XMap

摘要

publications
POP and PUSH: Demystifying and Defending against (Mach) Port-Oriented Programming

publications
Argot: Generating Adversarial Readable Chinese Texts

2020

hacking
2020年字节范儿-高校挑战赛决赛

talks
On Manually Reverse Engineering Communication Protocols of Linux Based IoT Systems

Abstract:

hacking
哈工大国际网络安全大赛HITCTF 2020

hacking
第二届“补天杯”破解大赛

hacking
WCTF Campus 2020