Internet-Wide Evaluations of Security and Vulnerabilities

The Internet significantly impacts the world culture. Since the beginning, it is a multilayered system, which is even gaining more protocols year by year. At its core, remains the Internet protocol suite, where the fundamental protocols such as IPv4, TCP/UDP, DNS are initially introduced. Recently, more and more cross-layer attacks involving features in multiple layers are reported. To better understand these attacks, e.g. how practical they are and how many users are vulnerable, Internet-wide evaluations are essential. In this cumulative thesis, we summarise our findings from various Internet-wide evaluations in recent years, with a main focus on DNS. Our evaluations showed that IP fragmentation poses a practical threat to DNS security, regardless of the transport protocol (TCP or UDP). Defense mechanisms such as DNS Response Rate Limiting could facilitate attacks on DNS, even if they are designed to protect DNS. We also extended the evaluations to a fundamental system which heavily relies on DNS, the web PKI. We found that Certificate Authorities suffered a lot from previous DNS vulnerabilities. We demonstrated that off-path attackers could hijack accounts at major CAs and manipulate resources there, with various DNS cache poisoning attacks. The Domain Validation procedure faces similar vulnerabilities. Even the latest Multiple-Validation-Agent DV could be downgraded and poisoned. On the other side, we also performed Internet-wide evaluations of two important defence mechanisms. One is the cryptographic protocol for DNS security, called DNSSEC. We found that only less than 2% of popular domains were signed, among which about 20% were misconfigured. This is another example showing how poorly deployed defence mechanisms worsen the security. The other is ingress filtering, which stops spoofed traffic from entering a network. We presented the most completed Internet-wide evaluations of ingress filtering, which covered over 90% of all Autonomous Systems. We found that over 80% of them were vulnerable to inbound spoofing

Design, simulation and fabrication of 4H-SiC Power MOSFETs

For a 4H-SiC MOSFET to compete with Si counterparts, especially at lower voltages (1.2kV), the channel resistance contributes to a significant part in the total on-state resistance which must be addressed. Since most of the commercially available SiC wafer materials are grown on the {0001} crystal plane, a trench-gate MOSFET is necessary to take the advantage of the higher reported channel mobility on the {112 ̅ 0} crystal plane. 1.2kV trench MOSFET design and fabrication is the main focus in this work. The micro-trench free dry etching process has first been developed with a systematic study on the dry etching parameters. Trench corner rounding has also been investigated since a rounded corner is normally preferred to avoid an electric field hot spot. Two generations of trench MOSFETs have been designed and fabricated. The 1st generation devices have been used to validate the fabrication process. A maximum breakdown voltage of 1600V has been achieved for the 1st generation devices. The p+ trench bottom shielding region provides the protection for the trench gate oxide since it shifts the peak electric field from the oxide/semiconductor interface to a semiconductor p-n junction; however, it also introduces a parasitic JFET region into the trench MOSFET structure which severely degraded the on-state performance of the 1st generation devices. The 2nd generation devices were designed to eliminate the effect of the parasitic JFET region and improve the on-state performance. The optimised device structure with a current spreading layer (CSL) and p+ implantation clearance in the 2nd generation design has successfully eliminated the effect of the parasitic JFET region. Further design and process optimisation is necessary to increase the current density of the device which was as low as 3A/cm2. A fabrication trial has been carried out on the MOSFETs with integrated Schottky contacts at the termination region and therefore, external Schottky diodes are not necessary for many applications. A 10kV DMOSFET has also been designed and fabricated with maximum breakdown voltage at 13.6kV. The high voltage termination design options have been discussed among the floating field ring (FFR) termination and the junction termination extensions (JTEs). The on-state performance is poor due to a photo mask error on the JFET length which needs to be optimised for the next generation devices. Novel device structures have been studied with simulation. These include trench MOSFET with integrated Schottky diode and 3.3kV superjunction trench MOSFET. The MOSFET with integrated Schottky diode not only reduces the chip area consumption, but also reduces the chip count in the system level. In the proposed design, the Schottky contact is placed at the bottom of the trench structure for the first time. The superjunction structure has a great potential for SiC devices rated at above 3.3kV. The proposed design uses implanted p-pillar with a trench gate structure which combines the benefits of low channel resistance and low drift region resistance

Built-in reliability design of highly integrated solid-state power switches with metal bump interconnects

A stacked substrate–chip–bump–chip–substrate assembly has been demonstrated in the construction of power switch modules with high power density and good electrical performance. In this paper, special effort has been devoted to material selection and geometric shape of the bumps in the design for improving the thermomechanical reliability of a highly integrated bidirectional switch. Results from3-D finite-element simulation indicate that for all design cases the maximum von Mises stresses and creep strain accumulations occur in the solder joints used to join bumps on IGBTs during a realistic mission profile, but occur in the solder joints used to join bumps on DBC substrates during accelerated thermal cycling. The results from both the simulation and the accelerated thermal cycling experiments reveal that selection of Cu/Mo/Cu composite brick bumps in the stacked assembly can significantly improve the thermomechanical reliability of both the solder joints and the DBC substrates when compared to Cu cylinder bumps and Cu hollow cylinder bumps reported in previous work. Such results can be attributed to the effective reduction in the extent ofmismatch of coefficients of thermal expansion between the different components in the assembly

A Comprehensive Survey on Trustworthy Graph Neural Networks: Privacy, Robustness, Fairness, and Explainability

Graph Neural Networks (GNNs) have made rapid developments in the recent years. Due to their great ability in modeling graph-structured data, GNNs are vastly used in various applications, including high-stakes scenarios such as financial analysis, traffic predictions, and drug discovery. Despite their great potential in benefiting humans in the real world, recent study shows that GNNs can leak private information, are vulnerable to adversarial attacks, can inherit and magnify societal bias from training data and lack interpretability, which have risk of causing unintentional harm to the users and society. For example, existing works demonstrate that attackers can fool the GNNs to give the outcome they desire with unnoticeable perturbation on training graph. GNNs trained on social networks may embed the discrimination in their decision process, strengthening the undesirable societal bias. Consequently, trustworthy GNNs in various aspects are emerging to prevent the harm from GNN models and increase the users' trust in GNNs. In this paper, we give a comprehensive survey of GNNs in the computational aspects of privacy, robustness, fairness, and explainability. For each aspect, we give the taxonomy of the related methods and formulate the general frameworks for the multiple categories of trustworthy GNNs. We also discuss the future research directions of each aspect and connections between these aspects to help achieve trustworthiness

4H-SiC trench MOSFET with integrated fast recovery MPS diode

A 4H-SiC trench metal-oxide-semiconductor field-effect-transistor (MOSFET) design with an integrated merged PiN Schottky (MPS) diode is proposed. The Schottky contact is embedded on the bottom of the trench structure for the first time. The low electric field in the oxide and Schottky contact surface can be achieved simultaneously using the proposed integration design which enhances the oxide reliability and reduces leakage from the Schottky diode. The integration of the MPS diode reduces the total chip area and the required number of dies compared with the conventional method of using an external Schottky diode

Force: Making 4PC > 4 × PC in Privacy Preserving Machine Learning on GPU

Tremendous efforts have been made to improve the efficiency of secure Multi-Party Computation (MPC), which allows n ≥ 2 parties to jointly evaluate a target function without leaking their own private inputs. It has been confirmed by previous researchers that 3-Party Computation (3PC) and outsourcing computations to GPUs can lead to huge performance improvement of MPC in computationally intensive tasks such as Privacy-Preserving Machine Learning (PPML). A natural question to ask is whether super-linear performance gain is possible for a linear increase in resources. In this paper, we give an affirmative answer to this question. We propose Force, an extremely efficient 4PC system for PPML. To the best of our knowledge, each party in Force enjoys the least number of local computations and lowest data exchanges between parties. This is achieved by introducing a new sharing type X -share along with MPC protocols in privacy-preserving training and inference that are semi-honest secure with an honest-majority. Our contribution does not stop at theory. We also propose engineering optimizations and verify the high performance of the protocols with implementation and experiments. By comparing the results with state-of-the-art researches such as Cheetah, Piranha, CryptGPU and CrypTen, we showcase that Force is sound and extremely efficient, as it can improve the PPML performance by a factor of 2 to 1200 compared with other latest 2PC, 3PC and 4PC syste