Kangjie Lu

Ph.D. Candidate

School of Computer Science

College of Computing

Georgia Institute of Technology

Date: Wednesday, July 19, 2017

Time: 10AM-12PM EDT

Location: KACB 3100

Committee:

---------------

Dr. Wenke Lee (Advisor), School of Computer Science, Georgia Tech

Dr. Taesoo Kim (Co-advisor), School of Computer Science, Georgia Tech

Dr. Mustaque Ahamad,  School of Computer Science, Georgia Tech

Dr. William R. Harris, School of Computer Science, Georgia Tech

Dr. Debin Gao, Singapore Management University

Dr. Michael Backes, Saarland University and MPI-SWS

Abstract:

---------------

Foundational software systems such as operating systems and web

servers are always implemented in unsafe programming languages for

efficiency, and system designers often prioritize performance over

security. Hence, these systems inherently suffer from a variety of

vulnerabilities and insecure designs that have been exploited by

adversaries to launch critical system attacks. Two typical goals of

these attacks are to leak sensitive data and to control victim

systems.

This thesis work aims to defeat both data leaks and control attacks.

We first identify that, in modern systems, preventing information

leaks can be a general defense that not only stops data leaks but

also defeats control attacks. We then investigate three ways to

prevent information leaks: eliminating information-leak

vulnerabilities in code, re-designing system mechanisms against

information leaks, and protecting certain sensitive data from

information leaks. We develop multiple tools for each way. While

automatically and reliably securing complex systems, all these tool

impose negligible performance overhead. We conclude that preventing

information leaks can be a general and practical approach to

securing complex modern systems.