In This Story
Khaled N. Khasawneh,聽assistant professor in the Electrical and Computer Engineering聽Department at 亚洲AV, contributed significant research and work to two papers which have been recognized in the area of hardware security.
Researchers in Khasawneh鈥檚 CAMLsec Lab Identified a New Vulnerability in the Cloud Scheduler
A paper entitled was written as part of a collaborative research effort with University of California (UC)- Davis and 亚洲AV. Along with his collaborators at UC Davis, Khasawneh helped to discover a new vulnerability in cloud schedulers, which could inadvertently allow targeted micro-architectural attacks in the cloud.聽This paper pointed out that certain features in the cloud scheduler enables arbitrary users to influence scheduling results. This can help attackers co-locate attacker鈥檚 code with a targeted victim鈥檚 code in a heterogeneous cloud, which enables a wide variety of micro-architectural attacks that leak sensitive data.
鈥淭he current design of scheduling algorithms in the cloud focuses on enhancing workloads performance, resource utilization, and load-balancing without security considerations, which may bring new vulnerability as we showed in our work,鈥 says Khasawneh.
The paper is accepted for publication at the 2022 Network and Distributed System Security Symposium (NDSS), and will be presented there in April.
This paper is co-authored with Behnam Omidi, a second year PHD student within the Electrical and Computer Engineering Department. His research focuses on discovering systems vulnerabilities and hardware support to secure computing systems.
Khasawneh鈥擮midi鈥檚 advisor-- says this paper was a great opportunity to gain useful knowledge as it was a tremendous collaborative effort between both schools.
鈥淚鈥檓 more of an expert in microarchitecral attacks, and our co-collaborators at UC Davis, led by Dr. Homayoun, brings expertise of cloud computing and resource scheduling,鈥 says Khasawneh.
Khasawneh鈥檚 Paper Selected as a Top Pick in Architecture and Hardware Security 2021
A paper co-authored by Khasawneh was selected as a
The top picks in architecture and embedded security represent the top and most impactful papers that have been published in the area in the last six years, from 2015 to 2020. Top picks are selected from conference papers that have appeared in leading hardware security conferences including but not limited to DAC, ICCAD, DATE, ASPDAC, HOST, Asian HOST, GLSVLSI, VLSI Design, CHES, ETS, VTS, ITC, S&P, Usenix Security, CCS, NDSS, ISCA, MICRO, ASPLOS, HPCA, HASP, ACSAC, Euro S&P, and Asia CCS.
The top pick paper is titled 鈥 鈥 and had previously won the best paper award in the USENIX Workshop on Offensive Technologies (WOOT) in 2018. This paper discovers a new class of Spectre attack, called SpectreRSB, that exploits the return stack buffer (), which is used in modern CPUs to help predict return addresses, instead of the branch predictor unit. SpectreRSB allows malicious software to steal passwords, keys, and other sensitive information, from memory it shouldn't be allowed to touch.
According to Khasawneh, Linux kernel released a to protect against SpectreRSB vulnerability ().