Dinghao Wu, Assistant Professor, College of Information Sciences and Technology

The Pennsylvania State University

Lock-free Concurrent Security Monitoring

Tuesday, April 23, 4:00 PM

Packard Lab Room 466

Abstract: Security enforcement inlined into user threads often delays the protected programs. Inlined sequential program monitoring also has difficulty in enforcing concurrency properties. In this talk, I will present software cruising, a novel technique that migrates security enforcement to a concurrent monitor thread. The technique leverages multicore and multiprocessor architectures and uses lock-free data structures to achieve non-blocking and efficient synchronization between the monitor and user threads.

I will present two lock-free concurrent security monitoring tools: Cruiser, for user-space heap buffer overflow monitoring, and Kruiser, for kernel-space heap buffer overflow monitoring. Our experiments show that they are efficient and scalable, with modest execution overhead and detection delay. Kruiser further leverages kernel memory management and virtualization to achieve efficient and secure monitoring with guaranteed overflow detection. I will also present some future applications of lock-free security monitoring.

Bio: Dinghao Wu is an Assistant Professor in the College of Information Sciences and Technology at The Pennsylvania State University. He received his Ph.D. in Computer Science from Princeton University in 2005. He was a research engineer at Microsoft in the Center for Software Excellence and the Windows Azure Division before joined Penn State. Dinghao does research on software systems, including software security, analysis, verification, software engineering, and programming languages.
He has worked on foundational proof-carrying code, typed assembly languages, program analysis, and software and systems security projects. His current projects include lock-free concurrent security monitoring, real-time concurrent information flow tracking, and semantics-based software plagiarism detection. He also leads a project on cloud computing for energy and environmental sustainability. While at Microsoft, Dinghao worked on a number of /influential and massively deployed/ program analysis and verification tools. His KISS work pioneered /sequentialization/, a program analysis and verification technique for checking concurrency properties using sequential program analysis, and has been followed by many researchers.

© 2014-2016 Computer Science and Engineering, P.C. Rossin College of Engineering & Applied Science, Lehigh University, Bethlehem PA 18015.