|报告题目:Cache-Memory Attacks in Clouds and Mobile Devices
主讲人：Dr. Yinqian Zhang, Assistant Professor, DCSE Ohio State University
Processor caches and memory chips are hardware components used by all software programs on a computer system.They are designed,and there after fine-tuned over the years,for better performance and power efficiency,but not for strong isolation between mutually distrustful software programs. Our research question is whether sharing of memory resources will introduce new security threats to these systems.
In this talk,we highlight a type of security threats that we call cache-memory attacks.These attacks are possible due to in sufficient isolation in hard ware memory resources (e.g.,various levels of caches,memory controllers,buses and chips,etc.)that are shared between malevolent and sensitive software programs.We coin cache-memory attacks as the umbrella terms of side-channel attacks(i.e.,confidentiality attacks),row-hammer attacks(i.e.,integrity attacks) and resource contention attacks (i.e.,availability attacks).We will discuss the root vulnerabilities of these attacks and their exploitation in the context of clouds and mobile devices.We will also cover some defense techniques against these attacks that we have developed over the past few years.
Dr. Yinqian Zhang is an assistant professor of the Department of Computer Science and Engineering at The Ohio State University,where he leads the Computer Security Lab.His research topics range over various fields in security,including cloud and mobile security,hardware-assisted security(e.g.,Intel SGX,hardware transactional memory),control-flow integrity,user authentication and anonymous communication.He is mostly known for his work in side-channel attacks and defenses in multi-tenant cloud computing.He frequently serves as program committee members for top-tier security conferences,such as Oakland,CCS,NDSS,and as reviewers for Journals like TISSEC, TIFS, TDSC, TPDS, etc.
Dr.Zhang received his Ph.D. in computer science from UNC-Chapel Hill in 2014,advised by Prof.Michael K. Reiter. During his Ph.D. study,he was the only recipient of the prestigious Google Ph.D. Fellowship in Computer Security in 2013.