时间：2019-11-23  星期六  9:00- 10:30  理科一号楼  1131

摘要

Operating system (OS) kernels play a critical role in computer systems, which not only manage hardware and system resources, but also provide services and protection.To safely perform these complicated and error-prone tasks, OS kernels rely on a large number of security checks to validate system states.  Unfortunately, security checks are often missing, due to the complexity of OS kernels, which can result in a variety ofcritical security consequences, including permission bypasses, out-of-bound accesses, and system crashes.

In this talk, I will share our research on automatically detecting missing-check bugs in a semantic-aware manner.  I will first talk about how to automatically identify security checks and then present a set of new techniques for inferring whether a variable or operation requires a security check. Several techniques such as finding indirect-call targets, identifying critical variables, and finding semantically-similar code paths are generic and thus can also benefit future research on bug detection and system hardening. In the end, I will also share our experience on working with Linux maintainers to patch hundreds of missing-check bugs.

人物介绍：

Kangjie Lu

   Dr. Kangjie Lu is an assistant professor in the Computer Science & Engineering Department of the University of Minnesota-Twin Cities. His research interests include security and privacy, program analysis, and operating systems. He is particularly interested in automatically finding classes of vulnerabilities, introduced by both developers and compilers, in widely used systems, and hardening systems while preserving their reliability and efficiency. He won the best paper award at ACM CCS 2019. His research results are mainly published at top-tier venues and have led to many important updates in the Linux kernel, the Android OS, the FreeBSD kernel, and Apple’s iOS.

   He received his Ph.D. in Computer Science from the Georgia Institute of Technology. More details can befound at Here