RAID 2022 – The 25th International Symposium on Research in Attacks, Intrusions and Defenses

Program

Keynote

Micro-architectural attacks: from CPU to browser

Clémentine Maurice

Abstract: Hardware is often considered as an abstract layer that behaves correctly, just executing instructions and outputing a result. However, the internal state of the hardware leaks information about the programs that are executing, paving the way for covert or side-channel attacks. Many micro-architecural components can be used for such attacks; in particular, the CPU cache has been a target highly studied in the last years. In this presentation, we will first cover the evolution of micro-architectural attacks, having a look at a historical recap of past attacks and how the field evolved in the last years. We will then focus on how to mount these attacks from web browsers. Indeed, micro-architectural attacks require precisely monitoring low-level hardware features. In contrast, browsers only provide high-level sandboxed languages with a limited set of functions. Porting these attacks to the web thus exposes a series of challenges.

Wednesday 26/10/2022

8:30 - 9:00	Registration
9:00 - 9:30	Opening
9:30 - 10:30	Keynote
10:30 - 11:00	Break
11:00 - 12:30	Software Security (Chair: Michalis Polychronakis) +
Fuzzing@Home: Distributed Fuzzing on Untrusted Heterogeneous Clients Daehee Jang, Sungshin W. University Ammar Askar, Georgia Institute of Technology Insu Yun, KAIST Stephen Tong, Georgia Institute of Technology Yiqin Cai, Georgia Institute of Technology Taesoo Kim, Georgia Institute of Technology Exploiting Metaobjects to Reinforce Data Leakage Attacks Hoyong Jeong, KAIST Hodong Kim, Korea University Junbeom Hur, Korea University RiscyROP: Automated Return-Oriented Programming Attacks on RISC-V and ARM64 Tobias Cloosters, University of Duisburg-Essen David Paaßen, University of Duisburg-Essen Jianqiang Wang, Technical University of Darmstadt Oussama Draissi, University of Duisburg-Essen Patrick Jauernig, Technical University of Darmstadt Emmanuel Stapf, Technical University of Darmstadt Lucas Davi, University of Duisburg-Essen Ahmad-Reza Sadeghi, Technical University of Darmstadt Towards Deceptive Defense in Software Security with Chaff Bugs Zhenghao Hu, New York University Yu Hu, New York University Brendan Dolan-Gavitt, New York University
12:30 - 14:00	Lunch
14:00 - 15:10	(Un?)Trusted Hardware (Chair: Tudor Dumitraș) +
TrustedGateway: TEE-Assisted Routing and Firewall Enforcement Using ARM TrustZone Fabian Schwarz, CISPA Helmholtz Center for Information Security Write Me and I'll Tell You Secrets - Write-After-Write Effects On Intel CPUs Jan Philipp Thoma, Horst Görtz Institute for IT-Security, Ruhr University Bochum Tim Güneysu , Horst Görtz Institute for IT-Security, Ruhr University Bochum On the Challenges of Detecting Side-Channel Attacks in SGX Jianyu Jiang, The University of Hong Kong Claudio Soriente, NEC Laboratories Europe Ghassan Karame, Ruhr University Bochum
15:10 - 15:30	Break
15:30 - 16:40	Blockchain Security (Chair: Ghassan Karame) +
Penny Wise and Pound Foolish: Quantifying the Risk of Unlimited Approval of ERC20 Tokens on Ethereum Dabao Wang, Monash University Hang FENG, Zhejiang University Siwei Wu, Zhejiang University Yajin Zhou, Zhejiang University Lei Wu, Zhejiang University Xingliang YUAN, Monash University Elysium: Context-Aware Bytecode-Level Patching to Automatically Heal Vulnerable Smart Contracts Christof Ferreira Torres, University of Luxembourg Hugo Jonker, Open University of the Netherlands Radu State, University of Luxembourg Threshold EdDSA Signature for Blockchain-based Decentralized Finance Applications (remote) Yang Shi, Tongji University Junqing Liang , Tongji University Mianhong Li, Tongji University Tianchen Ma, Tongji University Guodong Ye, Guangdong Ocean University Jiangfeng Li, Tongji University Qinpei Zhao, Tongji University
16:40	End of the day
18:30-20:00	Welcome reception

Thursday 27/10/2022

9:00 - 10:30	Privacy & Spoofing (Chair: Leyla Bilge) +
Understanding the Behavior Transparency of Voice Assistant Applications Using the ChatterBox Framework Atsuko Natatsuka, Waseda University Ryo Iijima, Waseda University Takuya Watanabe, NTT Social Informatics Laboratories Mitsuaki Akiyama, NTT Social Informatics Laboratories Tetsuya Sakai, Waseda University Tatsuya Mori, Waseda University \/ NICT \/ RIKEN AIP New Cloaking Region Obfuscation for Road Network-Indistinguishability and Location Privacy Baihe Ma, University of Technology Sydney Xiaojie Lin, University of Technology Sydney Xu Wang, University of Technology Sydney Bin Liu, University of Technology Sydney Ying He, University of Technology Sydney Wei Ni, CSIRO Ren Ping Liu, University of Technology Sydney *Detection of Electromagnetic Signal Injection Attacks on Actuator Systems (Best Paper)* (remote)** Youqian Zhang, University of Oxford Kasper Rasmussen, University of Oxford HALC: A Real-time In-sensor Defense against the Magnetic Spoofing Attack on Hall Sensors Anomadarshi Barua, University of California, Irvine Mohammad Abdullah Al Faruque, University of California, Irvine
10:30 - 11:00	Break
11:00 - 12:30	RTFFM (Rootkits, Forensics, Firmware, Mobile) (Chair: Davide Balzarotti) +
What You See is Not What You Get: Revealing Hidden Memory Mapping for Peripheral Modeling Jun Yeon Won, Ohio State University Haohuang Wen, Ohio State University Zhiqiang Lin, Ohio State University Katana: Robust, Automated, Binary-Only Forensic Analysis of Linux Memory Snapshots Fabian Franzen, Technical University of Munich Tobias Holl, Technical University of Munich Manuel Andreas, Technical University of Munich Julian Kirsch, Technical University of Munich Jens Grossklags, Technical University of Munich ULTRA: Ultimate Rootkit Detection over the Air Duy-Phuc Pham, Univ Rennes, Inria, CNRS, IRISA, France Damien Marion, Univ Rennes, Inria, CNRS, IRISA, France Annelie Heuser, Univ Rennes, Inria, CNRS, IRISA, France A scalable tracing tool for non-rooted and off-the-shelf Android phones Alain Tchana, ENS Lyon, France Yérom-David Bromberg, Univ. Rennes, Inria, CNRS, IRISA Lavoisier Wapet, ENS Lyon, France
12:30 - 14:00	Lunch
14:00 - 15:10	Network Security (Chair: Salil Kanhere) +
Mirrors in the Sky: On the Potential of Clouds in DNS-based DDoS Attacks Ramin Yazdani, University of Twente Alden Hilton, Brigham Young University Jeroen van der Ham, University of Twente and NCSC Roland van Rijswijk-Deij, University of Twente Casey Deccio, Brigham Young University Anna Sperotto, University of Twente Mattijs Jonker, University of Twente Harm-DoS: Hash Algorithm Replacement for Mitigating Denial-of-Service Vulnerabilities in Binary Executables Nicolaas Weideman, University of Southern California - Information Sciences Institute Haoda Wang, University of Southern California - Information Sciences Institute Tyler Kann, Information Sciences Institute, University of Southern California Spencer Zahabizadeh, Information Sciences Institute, University of Southern California Wei-Cheng Wu, Information Sciences Institute, University of Southern California Rajat Tandon, University of Southern California Jelena Mirkovic, USC Christophe Hauser, Information Sciences Institute, University of Southern California Zigbee's Network Rejoin Procedure for IoT Systems: Vulnerabilities and Implications (remote) Jincheng Wang, The Chinese University of Hong Kong Zhuohua Li, The Chinese University of Hong Kong Mingshen Sun, Baidu John C. S. Lui, The Chinese University of Hong Kong
15:10 - 15:30	Break
15:30 - 16:40	Robust and Trustworthy ML & Models (Chair: Brendan Dolan Gavitt) +
Systematically Evaluating the Robustness of ML-based IoT Malware Detection Systems (remote) Ahmed Abusnaina, University of Central Florida Afsah Anwar, Northeastern University Sultan Alshamrani, University of Central Florida Abdulrahman Alabduljabbar, University of Central Florida RhongHo Jang, Wayne State University DaeHun Nyang, Ewha Womans University David Mohaisen, University of Central Florida Transferable Graph Backdoor Attack Shuiqiao Yang, The University of New South Wales Bao Doan, The University of Adelaide Paul Montague, Defence Science and Technology Group Olivier De Vel, Defence Science and Technology Group Tamas Abraham, Defence Science and Technology Group Seyit Camtepe, CSIRO Data61, Australia Damith C. Ranasinghe, The University of Adelaide Salil S. Kanhere, UNSW, Sydney, Australia Automated Runtime Mitigation for Misconfiguration Vulnerabilities in Industrial Control Systems (remote) Qingzhao Zhang, University of Michigan Xiao Zhu, University of Michigan Mu Zhang, University of Utah Z. Morley Mao, University of Michigan and Google
16:40	End of the day
17:15 (Departure from hotel)	Social Dinner

Friday 28/10/2022

9:00 - 10:30	Program Analysis (Chair: Elias Athanasopoulos) +
BinProv: Binary Code Provenance Identification without Disassembly (remote) Xu He, George Mason University Shu Wang, George Mason University Yunlong Xing, George Mason University Pengbin Feng, George Mason University Haining Wang, Virginia Tech Qi Li, Tsinghua University Songqing Chen, George Mason University Kun Sun, George Mason University LiCA: A Fine-grained and Path-sensitive Linux Capability Analysis Framework (remote) Menghan Sun, The Chinese University of Hong Kong Zirui SONG, The Chinese University of Hong Kong Xiaoxi REN, Hunan University Daoyuan Wu, The Chinese University of Hong Kong Kehuan Zhang, The Chinese University of Hong Kong Script Tainting Was Doomed From The Start (By Type Conversion): Converting Script Engines into Dynamic Taint Analysis Frameworks Toshinori Usui, NTT Social Informatics Laboratories Yuto Otsuki, NTT Security (Japan) KK Yuhei Kawakoya, NTT Social Informatics Laboratories Makoto Iwamura, NTT Social Informatics Laboratories Kanta Matsuura, Institute of Industrial Science, The University of Tokyo Decap: Deprivileging Programs by Reducing Their Capabilities Md Mehedi Hasan, Stony Brook University Seyedhamed Ghavamnia, Stony Brook University Michalis Polychronakis, Stony Brook University
10:30 - 11:00	Break
11:00 - 12:30	Web, Phishing and Authentication (Chair: Pierre Laperdix) +
Viopolicy-Detector: An Automated Approach to Detecting GDPR Compliance Violations in Websites (remote) Haoran Ou, School of Cyber Science and Engineering, Sichuan University Yong Fang, School of Cyber Science and Engineering, Sichuan University Wenbo Guo, School of Cyber Science and Engineering, Sichuan University Yongyan Guo, School of Cyber Science and Engineering, Sichuan University Cheng Huang, School of Cyber Science and Engineering, Sichuan University Context-Auditor: Context-sensitive Content Injection Mitigation (remote) Faezeh Kalantari, Arizona State University Mehrnoosh Zaeifi, Arizona State University Tiffany Bao, Arizona State University Ruoyu Wang, Arizona State University Yan Shoshitaishvili, Arizona State University Adam Doupé, Arizona State University Content-Agnostic Detection of Phishing Domains using Certificate Transparency and Passive DNS Mashael Al-Sabah, Qatar Computing Research Institute Mohamed Nabeel,Qatar Computing Research Institute Euijin Choo, Qatar Computing Research Institute Yazan Boshmaf, Qatar Computing Research Institute, HBKU OAuch: Exploring the Weaknesses of the OAuth 2.0 Ecosystem (Best Practical Paper) Pieter Philippaerts, imec-DistriNet, KU Leuven Davy Preuveneers, imec-DistriNet, KU Leuven Wouter Joosen, imec-DistriNet, KU Leuven
12:30 - 14:00	Lunch
14:00 - 15:10	NIDS (Chair: Marc Dacier) +
CJ-Sniffer: Measurement and Content-Agnostic Detection of Cryptojacking Traffic (remote) Yebo Feng, University of Oregon Jun Li, University of Oregon Devkishen Sisodia, University of Oregon Encrypted Malware Traffic Detection via Graph-based Network Analysis (remote) Zhuoqun Fu, Tsinghua University Mingxuan Liu, Tsinghua University Yue Qin, Indiana University Bloomington Jia Zhang, Tsinghua University Yuan Zou, Tsinghua University; GeekSec Security Group Qilei Yin, Tsinghua University Qi Li, Tsinghua University Haixin Duan, Tsinghua University; Qi An Xin Group Corp IPAL: Breaking up Silos of Protocol-dependent and Domain-specific Industrial Intrusion Detection Systems Konrad Wolsing, Fraunhofer FKIE \/ RWTH Aachen University Eric Wagner, Fraunhofer FKIE \/ RWTH Aachen University Antoine Saillard, RWTH Aachen University \/ Fraunhofer FKIE Martin Henze, RWTH Aachen University \/ Fraunhofer FKIE
15:10 - 16:45	Closure and Drinks