InForSec@RAID 2019: International Symposium on Frontiers of Cyberspace Security

Time: September 22, 2019, 14:00-17:30









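The 22nd International Symposium on Research in Attacks, Intrusions, and Defenses (RAID 2019) will be held in Beijing on September 23-25, 2019. This is the first time in the 22 years since RAID was founded that the conference has come to China.

The RAID 2019 workshop will be held on the afternoon of September 22. It is hosted by the Institute for Network Sciences and Cyberspace at Tsinghua University and co-organized by the Institute of Software, Chinese Academy of Sciences, and InForSec, the International Forum on Network Security Research. Well-known scholars from the United States, Singapore and elsewhere, at home and abroad, are invited to share the latest research results in network attack and defense and the latest international technical developments.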



Yinqian Zhang (张殷乾), Professor, The Ohio State University


Enhancing Intel SGX with Better Security and Privacy


Intel Software Guard Extensions (SGX) is an emerging hardware feature available in modern Intel processors, which provides software applications a Trusted Execution Environment (TEE) to protect their code and data from untrusted system software. Being one of the most game-changing technologies, SGX has attracted considerable interest from both academia and industry since its debut. However, the security promises of SGX do not directly lead to strong security and privacy of software running in the TEEs. This talk will cover two research directions for enhancing Intel SGX with better security and privacy. First, it presents a set of compiler-assisted tools for protecting against side-channel attacks; second, it presents an open remote attestation framework for enhancing the openness, privacy, and performance of Intel’s current attestation model.


Prof. Yinqian Zhang is an Associate Professor of the Department of Computer Science and Engineering at The Ohio State University. His research interests span across multiple domains of computer security, including cloud security, mobile security, IoT security, software security, trusted computing, user authentication, etc. His research has been frequently published at top-tier security venues, such as IEEE S&P, ACM CCS, USENIX Security, and NDSS. Prof. Zhang was a recipient of the Google Ph.D. Fellowship in Security in 2013, CAREER Award from the National Science Foundation in 2018, Lumley Research Award and Outstanding Teaching Award from the Ohio State University in 2019, and Rising Star Award from the Association of Chinese Scholars in Computing in 2019.

Zhou Li (李洲), Assistant Professor, University of California, Irvine




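The Bluetooth protocol is widely used in a variety of communication scenarios, such as mobile phones and the Internet of Things. Although the Bluetooth protocol itself takes security into account and specifies how authentication, encryption and authorization should be implemented, whether Bluetooth devices (phones and peripherals) correctly implement these standards has not been systematically studied. In our research published at NDSS this year, we found that on the phone side (mainly Android) problems exist, and there are quite a few of them. Because Android manages Bluetooth profiles at a coarse granularity, a malicious peripheral can easily obtain various Android system permissions, and this is hard for users to notice. Based on this, we implemented a variety of Bluetooth attacks (named BadBluetooth) and tested them successfully on Android. We also implemented a fine-grained Bluetooth profile management model to address these problems. Through communication with Google and Qualcomm, some of the issues have been fixed.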


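Zhou Li is an Assistant Professor at the University of California, Irvine. His main research areas are big-data security analytics, side channels, Internet measurement and Internet of Things (IoT) security. He has published papers at all four top security conferences (IEEE S&P, ACM CCS, USENIX Security, NDSS), 17 in total. He has also served for years on the program committees of these conferences. Before joining UC Irvine, he worked for nearly five years as a Principal Research Scientist at the security company RSA Security. Several of his research results have been integrated into the company's products.

CHUA Zheng Leong (蔡镇隆), Assistant Researcher, National University of Singapore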


Towards a knowledge-oriented future for binary analysis


Binary analysis is a fundamental technique in software and system security. It has a wide range of applications, such as vulnerability discovery, attack response, malware analysis, and software testing and debugging. Due to the lack of high-level semantics and complex program behaviors, it is challenging for binary analysis solutions to scale up to large real-world binaries in practice. Existing solutions are often task-driven and bounded by a practical time limit, hindering a comprehensive understanding of programs and making it difficult to integrate different solutions. In this talk, we discuss our solutions, reflections, and ongoing efforts in scaling up binary analysis in a knowledge-oriented manner. We believe knowledge accumulation is the key to scaling up binary analysis, where binary analysis solutions generate understandings that can be shared and reused in other solutions. Our investigation includes techniques for knowledge extraction, tools for knowledge integration, and platforms for knowledge accumulation and sharing. The accumulated knowledge not only allows broader and deeper analysis into binaries, but it also enables emerging data-driven and learning techniques to be effectively adopted in binary analysis tasks.


Dr CHUA Zheng Leong is currently a research fellow working at National University of Singapore (NUS). He co-founded NUSGreyhats, a security special interest group in NUS, participating in CTFs and vulnerability research in his free time. His publications range from data-oriented attacks and side channels to applications of learning on binary analysis. His thesis work aims to alleviate the pain of binary analysis through the introduction of an alternate, knowledge-oriented, paradigm for binary analysis where traditional binary analysis techniques are combined with machine learning and community effort to provide and manage large, diverse sources of knowledge about a binary. He received his Ph.D. degree in Computer Science from NUS in 2019 and his B.Comp in Computer Science from NUS in 2012.

Qi Li (李琦), Associate Professor, Institute for Network Sciences and Cyberspace, Tsinghua University






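Qi Li is currently an Associate Professor at Tsinghua University. His research interests include Internet and cloud security, mobile security and big-data security. His research results have been adopted by Google, Tencent and others, and he has received honors including the 2017 Beijing Science and Technology Award (Second Prize). His publications include conference and journal papers in USENIX Security, ACM CCS and IEEE/ACM Transactions. He currently serves on the editorial boards of international journals including IEEE TDSC and ACM DTRAP, as Vice Chair of the international conference RAID 2019, and as a program or organizing committee member of conferences such as NDSS and ACSAC.

Heng Yin (尹恒), Professor, University of California, Riverside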


Firm-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation


Cyber attacks against IoT devices are a severe threat. These attacks exploit software vulnerabilities in IoT firmware. Fuzzing is an effective software testing technique for finding these vulnerabilities so they can be patched. In this work, we present FIRM-AFL, the first high-throughput greybox fuzzer for IoT firmware. FIRM-AFL addresses two fundamental problems in IoT fuzzing. First, it addresses compatibility issues by enabling fuzzing for POSIX-compatible firmware that can be emulated in a system emulator. Second, it addresses the performance bottleneck caused by system-mode emulation with a novel technique called augmented process emulation. By integrating system-mode emulation and user-mode emulation, augmented process emulation provides high compatibility as system-mode emulation and high throughput as user-mode emulation. Our evaluation results show that (1) FIRM-AFL is fully functional and capable of finding real world vulnerabilities in IoT programs; (2) the throughput of FIRM-AFL is on average 10 times higher than system-mode emulation based fuzzing; and (3) FIRM-AFL is able to find 1-day vulnerabilities much faster than system-mode emulation based fuzzing, and is able to find 0-day vulnerabilities.


Dr. Heng Yin is an associate professor in the department of Computer Science and Engineering at University of California, Riverside. He is the director of CRESP (Center for Research and Education in Cyber Security and Privacy) at UCR. He obtained his PhD degree from College of William and Mary in 2009, and MS and BS from Huazhong University of Science and Technology in 2002 and 1999. His research interests lie in computer security, with emphasis on binary code analysis. His publications appear in top-notch technical conferences and journals, such as ACM CCS, USENIX Security, NDSS, TSE, TDSC, etc. His research is sponsored by National Science Foundation (NSF), Defense Advanced Research Projects Agency (DARPA), Air Force Office of Scientific Research (AFOSR), and Office of Navy Research (ONR). In 2011, he received the prestigious NSF Career award. He was the technical co-lead of CodeJitsu, one of the seven finalists in DARPA Cyber Grand Challenge.