PhD Proposal by Yeongjin Jang

Event Details
  • Date/Time:
    • Monday May 1, 2017
      12:00 pm - 2:00 pm
  • Location: Klaus 3126
  • Phone:
  • URL:
  • Email:
  • Fee(s):
    N/A
  • Extras:
Contact
No contact information submitted.
Summaries

Summary Sentence: Building Trust in the User I/O in Computer Systems

Full Summary: No summary paragraph submitted.

Title: Building Trust in the User I/O in Computer Systems

 

Yeongjin Jang

School of Computer Science

College of Computing

Georgia Institute of Technology

 

 

Date: Monday, May 1st, 2017

Time: 12:00pm - 2:00pm

Location: Klaus 3126

 

 

Committee

--------------------

Dr. Wenke Lee (Advisor), School of Computer Science, Georgia Institute of Technology

Dr. Taesoo Kim (co-advisor), School of Computer Science, Georgia Institute of Technology

Dr. Mustaque Ahamad, School of Computer Science, Georgia Institute of Technology

 

Abstract

--------------------

User input plays an important role in computer security because it

can control system behavior and make security decisions in the system.

System output to users, or user output, is also important because

it often contains security-critical information that must be protected

in terms of integrity and confidentiality, such as passwords and user's

private data. Despite the importance of user input and output (I/O),

modern computer systems often fail to provide basic security guarantees

on them, which has resulted in serious security breaches.

 

My dissertation research aims to build trust in the user I/O in computer

systems and keep systems secure by blocking attack pathways. To this end,

I analyze user I/O path on popular platforms including desktop operating

systems, mobile operating systems, and trusted execution environments

such as Intel SGX, and then develop systems that guarantee three key

security properties of user I/O: integrity, confidentiality, and authenticity.

 

First, Gyrus addresses the integrity of user input by matching the user's

original input with the content of outgoing network traffic and authorizing

user-intended network transactions. Second, M-Aegis addresses the

confidentiality of user I/O by implementing an encryption layer on top of

user interface layer that provides user-to-user encryption. Third,

the A11y Attack addresses the importance of verifying user I/O authenticity

by demonstrating twelve new attacks, which stem from missing proper security

checks to verify input sources and output destinations on alternative user

I/O paths in operating systems.

 

Finally, to establish trust in user I/O, I propose a system called SGX-USB,

which combines three security properties to ensure the assurance of user I/O.

SGX-USB establishes a trusted communication channel between the USB

controller and an enclave instance of Intel SGX. The system supports common

user input devices such as a keyboard and a mouse over the trusted channel,

which guarantees the assurance of user input. Having assurance in user I/O

allows the computer system to securely handle commands and data from

the user and eliminate attacks to I/O paths.


 

Additional Information

In Campus Calendar
No
Groups

Graduate Studies

Invited Audience
Faculty/Staff, Public, Undergraduate students
Categories
Other/Miscellaneous
Keywords
Phd proposal
Status
  • Created By: Tatianna Richardson
  • Workflow Status: Published
  • Created On: Apr 26, 2017 - 6:47am
  • Last Updated: Apr 26, 2017 - 6:47am