Posts by Collection

portfolio

publications

Game of Threads: Enabling Asynchronous Poisoning Attacks

Published in ASPLOS, 2020 (Full Paper | bibtex | Plain Text)

Our attack influences training outcome—e.g., degrades model accuracy or biases the model towards an adversary-specified label—purely by scheduling asynchronous training threads in a malicious fashion. Since thread scheduling is outside the protections of modern trusted execution environments (TEEs), e.g., Intel SGX, our attack bypasses these protections even when the training set can be verified as correct.

Opening Pandora’s Box: A Systematic Study of New Ways Microarchitecture Can Leak Private Data

Published in ISCA, 2021 (Full Paper | bibtex | Plain Text)

Our study uncovers seven classes of microarchitectural optimization with novel security implications, proposes a conceptual framework through which to study them and demonstrates several proofs-of-concept to show their efficacy. The optimizations we study range from those that leak as much privacy as Spectre/Meltdown (but without exploiting speculative execution) to those that otherwise undermine security-critical programs in a variety of ways.

Augury: Using data memory-dependent prefetchers to leak data at rest

Published in IEEE S&P, 2022 (Full Paper | bibtex | Plain Text)

Our experiments demonstrate the existence of a pointer-chasing DMP on recent Apple processors, including the A14 and M1. We then reverse engineer the details of this DMP to determine the opportunities for and restrictions it places on attackers using it. Finally, we demonstrate several basic attack primitives capable of leaking pointer values using the DMP.

talks

Sensor Privacy in an Untrusted World

Published:

Presented an early version of “Guaranteeing Local Differential Privacy on Ultra-Low-Power Systems,” as Part of the Lawrence Technological University Alumni Career Series.

teaching

Teaching experience 1

Undergraduate course, University 1, Department, 2014

This is a description of a teaching experience. You can use markdown like any other post.

Teaching experience 2

Workshop, University 1, Department, 2015

This is a description of a teaching experience. You can use markdown like any other post.