KAIST Graduate School of Information Security

2023.11.21(화) 정보보호대학원 2023년 가을학기 콜로퀴움 - 권태경
작성일2023-11-15
정보보호대학원에서는 11월 21일 오후 4시에 아래와 같이 콜로퀴움을 개최하고자 합니다. 많은 참석 부탁드립니다. o 일 시: 23. 11. 21(화) 16:00~ o 주 제: BoKASAN: Selective Sanitization and Beyond o 강 사: 권태경 (연세대, 교수) o 장 소: 오프라인(N1동 201호) ※ 세미나 시작시간 5분전에 준비하여 주세요. ㅡㅡㅡ ♣ Title: BoKASAN: Selective Sanitization and Beyond ♣ Abstract BoKASAN is a pioneering implementation of a practical binary-only Kernel Address Sanitizer (KASAN) designed to efficiently conduct address sanitization through dynamic instrumentation across entire kernel binaries. This innovative approach, named selective sanitization, primarily focuses on identifying and sanitizing target processes while significantly reducing the performance overhead often associated with dynamic instrumentation. BoKASAN leverages the insight that kernel bugs are predominantly relevant to processes initiated by a fuzzer. By selectively sanitizing memory regions related to these processes and leaving the rest unsanitized, BoKASAN achieves effective kernel fuzzing. In terms of performance and efficacy, BoKASAN demonstrates practical applicability in closed-source systems. It achieves compiler-level performance similar to KASAN, even on binary-only kernels and modules. When evaluated, BoKASAN detected slightly more bugs in the Janus dataset and slightly fewer in the Syzkaller/SyzVegas dataset compared to traditional KASAN. Notably, it identified an equal number of unique bugs within a 5-day fuzzing period and executed a similar number of basic blocks. This innovative tool has also proven effective in discovering bugs in binary modules for both Windows and Linux kernels. The results underscore the impact of selective sanitization in its performance and bug detection capabilities. ♣ Bio Taekyoung Kwon's research interests primarily lie in information security, encompassing areas such as AI security, applied cryptography, authentication, security protocols, software security, and system security. He joined Yonsei University in the fall of 2013 as a Professor at the Graduate School of Information, where he established the Information Security and AI Security Laboratory (SEC Lab). Prior to his tenure at Yonsei University, he served as a Professor of Computer Engineering at Sejong University, and he completed his postdoctoral research at U.C. Berkeley. He received his Ph.D., M.S., and B.S. degrees in Computer Science from Yonsei University.

2023.11.21(화) 정보보호대학원 2023년 가을학기 콜로퀴움 - 권태경

작성일2023-11-15

정보보호대학원에서는 11월 21일 오후 4시에 아래와 같이 콜로퀴움을 개최하고자 합니다. 많은 참석 부탁드립니다.

o 일 시: 23. 11. 21(화) 16:00~
o 주 제: BoKASAN: Selective Sanitization and Beyond
o 강 사: 권태경 (연세대, 교수)
o 장 소: 오프라인(N1동 201호)

※ 세미나 시작시간 5분전에 준비하여 주세요.

ㅡㅡㅡ

♣ Title: BoKASAN: Selective Sanitization and Beyond

♣ Abstract
BoKASAN is a pioneering implementation of a practical binary-only Kernel Address Sanitizer (KASAN) designed to efficiently conduct address sanitization through dynamic instrumentation across entire kernel binaries. This innovative approach, named selective sanitization, primarily focuses on identifying and sanitizing target processes while significantly reducing the performance overhead often associated with dynamic instrumentation. BoKASAN leverages the insight that kernel bugs are predominantly relevant to processes initiated by a fuzzer. By selectively sanitizing memory regions related to these processes and leaving the rest unsanitized, BoKASAN achieves effective kernel fuzzing.
In terms of performance and efficacy, BoKASAN demonstrates practical applicability in closed-source systems. It achieves compiler-level performance similar to KASAN, even on binary-only kernels and modules. When evaluated, BoKASAN detected slightly more bugs in the Janus dataset and slightly fewer in the Syzkaller/SyzVegas dataset compared to traditional KASAN. Notably, it identified an equal number of unique bugs within a 5-day fuzzing period and executed a similar number of basic blocks. This innovative tool has also proven effective in discovering bugs in binary modules for both Windows and Linux kernels. The results underscore the impact of selective sanitization in its performance and bug detection capabilities.

♣ Bio
Taekyoung Kwon's research interests primarily lie in information security, encompassing areas such as AI security, applied cryptography, authentication, security protocols, software security, and system security. He joined Yonsei University in the fall of 2013 as a Professor at the Graduate School of Information, where he established the Information Security and AI Security Laboratory (SEC Lab). Prior to his tenure at Yonsei University, he served as a Professor of Computer Engineering at Sejong University, and he completed his postdoctoral research at U.C. Berkeley. He received his Ph.D., M.S., and B.S. degrees in Computer Science from Yonsei University.

목록으로