*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************
Title: Building Trust in the User I/O in Computer Systems
Yeongjin Jang
School of Computer Science
College of Computing
Georgia Institute of Technology
Date: Monday, May 1st, 2017
Time: 12:00pm - 2:00pm
Location: Klaus 3126
Committee
--------------------
Dr. Wenke Lee (Advisor), School of Computer Science, Georgia Institute of Technology
Dr. Taesoo Kim (co-advisor), School of Computer Science, Georgia Institute of Technology
Dr. Mustaque Ahamad, School of Computer Science, Georgia Institute of Technology
Abstract
--------------------
User input plays an important role in computer security because it
can control system behavior and make security decisions in the system.
System output to users, or user output, is also important because
it often contains security-critical information that must be protected
in terms of integrity and confidentiality, such as passwords and user's
private data. Despite the importance of user input and output (I/O),
modern computer systems often fail to provide basic security guarantees
on them, which has resulted in serious security breaches.
My dissertation research aims to build trust in the user I/O in computer
systems and keep systems secure by blocking attack pathways. To this end,
I analyze user I/O path on popular platforms including desktop operating
systems, mobile operating systems, and trusted execution environments
such as Intel SGX, and then develop systems that guarantee three key
security properties of user I/O: integrity, confidentiality, and authenticity.
First, Gyrus addresses the integrity of user input by matching the user's
original input with the content of outgoing network traffic and authorizing
user-intended network transactions. Second, M-Aegis addresses the
confidentiality of user I/O by implementing an encryption layer on top of
user interface layer that provides user-to-user encryption. Third,
the A11y Attack addresses the importance of verifying user I/O authenticity
by demonstrating twelve new attacks, which stem from missing proper security
checks to verify input sources and output destinations on alternative user
I/O paths in operating systems.
Finally, to establish trust in user I/O, I propose a system called SGX-USB,
which combines three security properties to ensure the assurance of user I/O.
SGX-USB establishes a trusted communication channel between the USB
controller and an enclave instance of Intel SGX. The system supports common
user input devices such as a keyboard and a mouse over the trusted channel,
which guarantees the assurance of user input. Having assurance in user I/O
allows the computer system to securely handle commands and data from
the user and eliminate attacks to I/O paths.
