Control-flow integrity (CFI) is considered a principled mitigation against control-flow hijacking even under the most powerful attacker who can arbitrarily write and read memory. However, existing schemes still demonstrated limitations in either guaranteeing high security level or achieving low performance and memory overhead. These limitations have restricted the application of CFI in real software. To improve its applicability similar to mandatory protection schemes such as DEP and ASLR, it is essential to improve both high security guarantee and low overhead. In this paper, we propose "BGCFI", which is a fine-grained CFI based on a Bipartite Graph. The relationship between an indirect branch and a valid target address at the branch is represented by an edge in the bipartite graph. The verification of the indirect branch is achieved by checking the existence of the corresponding edge in the bipartite graph. The verification method for fine-grained CFI results in more efficiency on both computational and memory overhead, while completely preserving high security guarantee. We demonstrate our results through the implementation of a proof-of-concept module and evaluation on the SPEC CPU 2017 suite and the Firefox browser.
INDEX TERMS: Control-flow hijacking, control-data attack, control-flow integrity (CFI).
Classification is used in various areas where k-nearest neighbor classification is the most popular as it produces efficient results. Cloud computing with powerful resources is one reliable option for handling large-scale data efficiently, but many companies are reluctant to outsource data due to privacy concerns. This paper aims to implement a privacy-preserving k-nearest neighbor classification (PkNC) in an outsourced environment. Existing work proposed a secure protocol (SkLE/SkSE) to compute k data with the largest/smallest value privately, but this work discloses information. Moreover, SkLE/SkSE requires a secure comparison protocol, and the existing protocols also contain information disclosure problems. In this paper, we propose a new secure comparison and SkLE/SkSE protocols to solve the abovementioned information disclosure problems and implement PkNC with these novel protocols. Our proposed protocols disclose no information and we prove the security formally. Then, through extensive experiments, we demonstrate that the PkNC applying the proposed protocols is also efficient. Especially, the PkNC is suitable for big data analysis to handle large amounts of data, since our SkLE/SkSE is executed for each dataset in parallel. Although the proposed protocols do require efficiency sacrifices to improve security, the running time of our PkNC is still significantly more efficient compared with previously proposed PkNCs.