Current Projects

1) Embedded Systems and IoT Security

IoT devices have become more prevalent, but unfortunately, they frequently lack the necessary security mechanisms to safeguard themselves from malware attacks. This is often due to cost, size, or power constraints. To address this issue, our project aims to develop lightweight security techniques based on the hardware-software co-design principle. Our main objective is to minimize hardware costs (or use existing low-cost secure hardware, e.g., TrustZone-M TEE) while still providing provable security guarantees, even for low-cost IoT devices. To date, we have successfully developed the following techniques:

2) ML/AI Security

ML/AI technologies have become globally transformative, and we focus on the security of their deployment. Our research follows two complementary directions. First, we investigate fundamental security and privacy phenomena inherent to ML systems. For example, in our prior work, we studied large language model (LLM) memorization in federated learning settings, analyzing how sensitive information may be unintentionally retained and exposed. Second, we design and build systems that strengthen the security of ML deployment in practice. In particular, we developed a secure architecture, called SLAPP, suitable even for constrained devices, enabling verifiable federated learning training for service providers while preserving strong security/privacy guarantees.

3) Binary Analysis

Outdated libraries, misuse of cryptographic primitives, and algorithmic weaknesses are some of the exploitable vulnerabilities that may exist in legacy software. Fixing these vulnerabilities can be challenging and time-consuming, especially when the source code is not available. Therefore, in this project, we aim to propose frameworks that can identify and patch vulnerabilities in legacy binaries with minimal manual intervention from developers. Our first work successfully identified various outdated cryptographic hash functions present in legacy binaries and proposed a novel approach to patching them. We aim to expand on this first work to identify and patch different types of vulnerabilities. Recent work built upon this idea to detect quantum-vulnerable software binaries.

Past Projects