College of Computing Assistant Professor Bo Chen, Computer Science, and his graduate students presented two posters at the 41st IEEE Symposium on Security and Privacy, which took place online May 18 to 21, 2020.
Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.
Chen’s research focuses on applied cryptography and data security and he investigates novel techniques to protect sensitive data in mobile devices/flash storage media and cloud infrastructures. Chen is also interested in designing novel techniques to ensure security and privacy of big data.
Chen will serve as general chair for the First EAI International Conference on Applied Cryptography in Computer and Communications (AC3), which will be held in Xiamen, China, in May 2021.
Visit Bo Chen’s faculty webpage here.
Poster: A Secure Plausibly Deniable System for Mobile Devices against Multi-snapshot Adversaries
Authors: Bo Chen, Niusen Chen
Abstract: Mobile computing devices have been used broadly to store, manage and process critical data. To protect confidentiality of stored data, major mobile operating systems provide full disk encryption, which relies on traditional encryption and requires keeping the decryption keys secret. This however, may not be true as an active attacker may coerce victims for decryption keys. Plausibly deniable encryption (PDE) can defend against such a coercive attacker by disguising the secret keys with decoy keys. Leveraging concept of PDE, various PDE systems have been built for mobile devices. However, a practical PDE system is still missing which can be compatible with mainstream mobile devices and, meanwhile, remains secure when facing a strong multi- snapshot adversary. This work fills this gap by designing the first mobile PDE system against the multi-snapshot adversaries.
Poster: Incorporating Malware Detection into Flash Translation Layer
Authors: Wen Xie, Niusen Chen, Bo Chen
Abstract: OS-level malware may compromise OS and obtain root privilege. Detecting this type of strong malware is challeng- ing, since it can easily hide its intrusion behaviors or even subvert the malware detection software (or malware detector). Having observed that flash storage devices have been used broadly by computing devices today, we propose to move the malware detector to the flash translation layer (FTL), located inside a flash storage device. Due to physical isolation provided by the FTL, the OS-level malware can neither subvert our malware detector, nor hide its access behaviors from our malware detector.
The 41st IEEE Symposium on Security and Privacy was sponsored by the IEEE Computer Society Technical Committee on Security and Privacy in cooperation with the International Association for Cryptologic Research. The Symposium was May 18-20, 2020, and the Security and Privacy Workshops were May 21, 2020.