Wednesday, March 21, 2018 - 10:15 am
Innovation Center, Room 2277
COLLOQUIUM Qiang Zeng Abstract By applying out-of-the-box thinking and cross-area approaches, novel solutions can be innovated to solve challenging problems. In this talk, I will share my experiences in applying cross-area approaches, and present creative designs to solve two difficult security problems. Problem 1: Decentralized Android Application Repackaging Detection. An unethical developer can download a mobile application, make arbitrary modifications (e.g., inserting malicious code and replacing the advertisement library), repackage the app, and then distribute it; the attack is called application repackaging. Such attacks have posed severe threats, causing $14 billion monetary loss annually and propagating over 80% of mobile malware. Existing countermeasures are mostly centralized and imprecise. We consider building the repackaging detection capability into apps, such that user devices are made use of to detect repackaging in a decentralized fashion. In order to protect repackaging detection code from attacks, we propose a creative use of logic bombs, which are commonly used in malware. The use of hacking techniques for benign purposes has delivered an innovative and effective defense technique. Problem 2: Precise Binary Code Semantics Extraction. Binary code analysis allows one to analyze a piece of binary code without accessing the corresponding source code. It is widely used for vulnerability discovery, dissecting malware, user-side crash analysis, etc. Today, binary code analysis becomes more important than ever. With the booming development of the Internet-of-Things industry, a sheer number of firmware images of IoT devices can be downloaded from the Internet. It raises challenges for researchers, third-party companies, and government agents to analyze these images at scale, without access to the source code, for identifying malicious programs, detecting software plagiarism, and finding vulnerabilities. I will introduce a brand new binary code analysis technique that learns from Natural Language Processing, an area remote from code analysis, to extract useful semantic information from binary code. Dr. Qiang Zeng is an Assistant Professor in the Department of Computer & Information Sciences at Temple University. He received his Ph.D. in Computer Science and Engineering from the Pennsylvania State University, and his B.E. and M.E. degrees in Computer Science and Engineering from Beihang University, China. He has rich industry experiences and ever worked in the IBM T.J. Watson Research Center, the NEC Lab America, Symantec and Yahoo. Dr. Zeng’s main research interest is Systems and Software Security. He currently works on IoT Security, Mobile Security, and deep learning for solving security problems. He has published papers in PLDI, NDSS, MobiSys, CGO, DSN and TKDE. Date: Mar. 21 2018 Time: 10:15-11:15 am Place: Innovation Center, Room 2277