报告人:Dr. XiaoFeng Wang
报告人单位:Indiana University
时间: 3月26日上午10:00
地点: 必威BETWAY官网五楼会议室
邀请人: 王丽娜教授
报告摘要: Innovations in security research often come from the
curiosity about how rules can be bent. The interdisciplinary nature of
system security further presents the researcher a vast space to explore
such opportunities. In this talk, I will share our experience in finding
and understanding security weaknesses on the technology frontier,
demonstrating how big questions can be asked to help discover subtle but
fundamental security problems inside modern computing systems, and how
such findings can reshape system security designs, bringing forth new
techniques, new research directions. More specifically, using mobile
and IoT as examples, I will show that discovery and analysis of their
surprising side channel weaknesses (which can be exploited by even the
apps without permissions to expose one’s identity, locations, health
information, etc.) questions the “security by construction” designs of
these systems, identifying what need to be addressed to better protect
them. Further to be presented is the preliminary effort to automate
such a discovery process, by leveraging the knowledge automatically
recovered from documents to guide detection of security-critical
vulnerabilities. Finally, I will highlight the key insights of system
security research and discuss the directions that might impact the
development of new security technologies in the years to come.
报告人简介: Dr. XiaoFeng Wang is a James H. Rudy Professor of Computing
at Indiana University, Co-director of IU’s Center for Security and
Privacy in Informatics, Computing and Engineering, and the Vice Chair of
the ACM SIGSAC (special interest group on security, audit and control).
He is also a PC Co-Chair of the 2018 ACM Conference on Computer and
Communications Security (CCS). Dr. Wang received his Ph.D. in
Electrical and Computer Engineering from Carnegie Mellon University. He
is considered to be one of the most prominent system security
researchers, among the most productive authors at leading security
venues (#5 among over 6,000 authors in the past 18 years according to
online statistics: http://s3.eurecom.fr/~balzarot/notes/top4/). Dr.
Wang is known for his high-impact research on security analysis of
real-world systems and biomedical data privacy. Particularly the
projects he led on payment and single-sign-on API integrations, Android
and iOS security and IoT protection have changed the way the industry
built these systems. Also he is a pioneer researcher on human genome
privacy and a co-founder of the iDASH Genome Privacy Competition that
bridges the frontline security and cryptography research and the
real-world demands for biomedical data sharing and computing protection.
More recently, he is actively working on Data-Centric Intelligent
Security, Cybercrimes, Hardware-support Protection and IoT Security. For
his work, Dr. Wang has received numerous awards, including the Award
for Outstanding Research in Privacy Enhancing Technologies (the PET
Award) and the Best Practical Paper Award at the 32nd IEEE Symposium on
Security and Privacy. His research has been extensively reported by the
public media, including CNN, MSNBC, Forbes, Slashdot, Nature News, etc.
2018年3月19日