21 research outputs found

    RPLKG: Robust Prompt Learning with Knowledge Graph

    Full text link
    Large-scale pre-trained models are known to be transferable and to generalize well to unseen datasets. Recently, multimodal pre-trained models such as CLIP have shown significant performance improvements across diverse experiments. However, when the labeled dataset is limited, generalization to a new dataset or domain remains challenging. To improve generalization performance in few-shot learning, there have been diverse efforts, such as prompt learning and adapters. However, current few-shot adaptation methods are not interpretable, and they require a high computation cost for adaptation. In this study, we propose a new method, robust prompt learning with knowledge graph (RPLKG). Based on the knowledge graph, we automatically design diverse interpretable and meaningful prompt sets. Our model obtains cached embeddings of the prompt sets after one forward pass through a large pre-trained model. After that, the model optimizes the prompt selection process with Gumbel-Softmax. In this way, our model is trained using relatively little memory and learning time. Also, RPLKG selects the optimal interpretable prompt automatically, depending on the dataset. In summary, RPLKG is i) interpretable, ii) requires small computation resources, and iii) easy to incorporate prior human knowledge into. To validate RPLKG, we provide comprehensive experimental results on few-shot learning, domain generalization and new class generalization settings. RPLKG shows a significant performance improvement compared to zero-shot learning and competitive performance against several prompt learning methods while using much lower resources.

    BaseSAFE: Baseband SAnitized Fuzzing through Emulation

    Full text link
    Rogue base stations are an effective attack vector. Cellular basebands represent a critical part of the smartphone's security: they parse large amounts of data even before authentication. They can, therefore, grant an attacker a very stealthy way to gather information about calls placed and even to escalate to the main operating system, over-the-air. In this paper, we discuss a novel cellular fuzzing framework that aims to help security researchers find critical bugs in cellular basebands and similar embedded systems. BaseSAFE allows partial rehosting of cellular basebands for fast instrumented fuzzing off-device, even for closed-source firmware blobs. BaseSAFE's sanitizing drop-in allocator enables spotting heap-based buffer overflows quickly. Using our proof-of-concept harness, we fuzzed various parsers of the Nucleus RTOS-based MediaTek cellular baseband that are accessible from rogue base stations. The emulator instrumentation is highly optimized, reaching hundreds of executions per second on each core for our complex test case, around 15k test cases per second in total. Furthermore, we discuss attack vectors for baseband modems. To the best of our knowledge, this is the first use of emulation-based fuzzing for security testing of commercial cellular basebands. Most of the tooling and approaches of BaseSAFE are also applicable to other low-level kernels and firmware. Using BaseSAFE, we were able to find memory corruptions, including heap out-of-bounds writes, using our proof-of-concept fuzzing harness in the MediaTek cellular baseband. BaseSAFE, the harness, and a large collection of LTE signaling message test cases will be released open-source upon publication of this paper.

    SoK: Sanitizing for Security

    No full text
    status: published

    Distributed Heterogeneous N-Variant Execution

    No full text
    status: published

    GuardiaNN: Fast and Secure On-Device Inference in TrustZone Using Embedded SRAM and Cryptographic Hardware

    No full text
    As more and more mobile/embedded applications employ Deep Neural Networks (DNNs) involving sensitive user data, mobile/embedded devices must provide a highly secure DNN execution environment to prevent privacy leaks. Aimed at securing DNN data, recent studies execute part of a DNN in a trusted execution environment (e.g., TrustZone) to isolate DNN execution from the other processes; however, as the trusted execution environments for mobile/embedded devices provide limited memory protection, DNN data remain unencrypted in DRAM and become vulnerable to physical attacks. The devices can prevent the physical attacks by keeping DNN data encrypted in DRAM; when DNN data get referenced during DNN execution, they get loaded to the SRAM and get decrypted by a CPU core. Unfortunately, using the SRAM with demand paging greatly increases DNN execution time due to the inefficient use of the SRAM and the high CPU consumption of data encryption/decryption. In this paper, we present GuardiaNN, a fast and secure DNN framework which greatly accelerates DNN execution without sacrificing security guarantees. To accelerate secure DNN execution, GuardiaNN first reduces slow DRAM accesses with direct convolutions and maximizes the reuse of SRAM-stored data with DNN-friendly SRAM management. Then, aimed at dedicating the limited CPU resources to DNN execution, GuardiaNN offloads DNN data encryption/decryption onto secure cryptographic hardware and employs pipelining to overlap DNN execution with the encryption/decryption. For eight DNNs chosen from five representative mobile/embedded application domains, our implementation of GuardiaNN on the STM32MP157C-DK2 development board achieves a geomean speedup of 15.3x and a geomean energy efficiency improvement of 15.2x over a baseline secure DNN framework which employs demand-paged SRAM to secure sensitive data.