Code trolley: hardware-assisted control flow obfuscation

Many cybersecurity attacks rely on analyzing a binary executable to find exploitable sections of code. Code obfuscation is used to prevent attackers from reverse engineering these executables. In this work, we focus on control flow obfuscation - a technique that prevents attackers from statically determining which code segments are original, and which segments are added in to confuse attackers. We propose a RISC-V-based hardware-assisted deobfuscation technique that deobfuscates code at runtime based on a secret safely stored in hardware, along with an LLVM compiler extension for obfuscating binaries. Unlike conventional tools, our work does not rely on compiling hard-to-reverse-engineer code, but on securing a secret key. As such, it can be seen as a lightweight alternative to on-the-fly binary decryption.Published versio

CodeTrolley: Hardware-Assisted Control Flow Obfuscation

Many cybersecurity attacks rely on analyzing a binary executable to find exploitable sections of code. Code obfuscation is used to prevent attackers from reverse engineering these executables. In this work, we focus on control flow obfuscation - a technique that prevents attackers from statically determining which code segments are original, and which segments are added in to confuse attackers. We propose a RISC-V-based hardware-assisted deobfuscation technique that deobfuscates code at runtime based on a secret safely stored in hardware, along with an LLVM compiler extension for obfuscating binaries. Unlike conventional tools, our work does not rely on compiling hard-to-reverse-engineer code, but on securing a secret key. As such, it can be seen as a lightweight alternative to on-the-fly binary decryption.Comment: 2019 Boston Area Architecture Workshop (BARC'19

Automated exposure notification for COVID-19

In the current COVID-19 pandemic, various Automated Exposure Notification (AEN) systems have been proposed to help quickly identify potential contacts of infected individuals. All these systems try to leverage the current understanding of the following factors: transmission risk, technology to address risk modeling, system policies and privacy considerations. While AEN holds promise for mitigating the spread of COVID-19, using short-range communication channels (Bluetooth) in smartphones to detect close individual contacts may be inaccurate for modeling and informing transmission risk. This work finds that the current close contact definitions may be inadequate to reduce viral spread using AEN technology. Consequently, relying on distance measurements from Bluetooth Low-Energy may not be optimal for determining risks of exposure and protecting privacy. This paper's literature analysis suggests that AEN may perform better by using broadly accessible technologies to sense the respiratory activity, mask status, or environment of participants. Moreover, the paper remains cognizant that smartphone sensors can leak private information and thus recommends additional objectives for maintaining user privacy without compromising utility for population health. This literature review and analysis will simultaneously interest (i) health professionals who desire a fundamental understanding of the design and utility of AEN systems and (ii) technologists interested in understanding their epidemiological basis in the light of recent research. Ultimately, the two disparate communities need to understand each other to assess the value of AEN systems in mitigating viral spread, whether for the COVID-19 pandemic or for future ones.U01 CA243004 - NCI NIH HHS; 000000000000000000000000000000000000000000000000000000037211 - SRI InternationalPublished versio