Professor - System Security Lab
Mornewegstrasse 32
D-64293 Darmstadt
GERMANY
Room: 4.1.06
Tel: +49 (0)6151 16 - 25328
Email: ahmad.sadeghi(a-t)trust.tu-darmstadt.de
Website: http://trust.tu-darmstadt.de
Ahmad-Reza Sadeghi is a full Professor of Computer Science at the Technische Universität Darmstadt, Germany, where he heads the System Security Lab. Since January 2012 he has also been the Director of the Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU Darmstadt. He is a member of the profile area CYSEC of TU Darmstadt.
He received his PhD in Computer Science, with a focus on privacy-protecting cryptographic protocols and systems, from the University of Saarland in Saarbrücken, Germany. Prior to academia, he worked in research and development at telecommunications enterprises, among others Ericsson Telecommunications. He has led and been involved in a variety of national and international research and development projects on the design and implementation of Trustworthy Computing Platforms and Trusted Computing, Security Hardware, and Applied Cryptography. He has served as general or program chair as well as program committee member of major conferences and workshops in Information Security and Privacy. He is Editor-in-Chief of IEEE Security and Privacy Magazine, and on the editorial board of ACM Books. He served 5 years on the editorial board of the ACM Transactions on Information and System Security (TISSEC), and was guest editor of the IEEE Transactions on Computer-Aided Design (Special Issue on Hardware Security and Trust).
Prof. Sadeghi has been awarded the renowned German prize “Karl Heinz Beckurts” for his research on Trusted and Trustworthy Computing technology and its transfer to industrial practice. The award honors excellent scientific achievements with high impact on industrial innovations in Germany. Further, his group received the German IT Security Competition Award 2010.
"This book will prove to be very interesting for professionals in the hardware security field. It covers almost every aspect of this area, with excellent papers written by experts."
Javier Castillo, ACM Computing Reviews, June 2011
ACM Books, Area Editor (Security and Privacy)
Author | Stephen Crane, Christopher Liebchen, Andrei Homescu, Lucas Davi, Per Larsen, Ahmad-Reza Sadeghi, Stefan Brunthaler, Michael Franz |
---|---|
Date | May 2015 |
Kind | Inproceedings |
Book title | 36th IEEE Symposium on Security and Privacy (Oakland) |
Key | TUD-CS-2015-0035 |
Research Areas | CASED, CROSSING, ICRI-SC, System Security Lab, Secure Things, Solutions, S2, CYSEC |
Abstract | Code-reuse attacks such as return-oriented programming (ROP) pose a severe threat to modern software. Designing practical and effective defenses against code-reuse attacks is highly challenging. One line of defense builds upon fine-grained code diversification to prevent the adversary from constructing a reliable code-reuse attack. However, all solutions proposed so far are either vulnerable to memory disclosure or are impractical for deployment on commodity systems. In this paper, we address the deficiencies of existing solutions and present the first practical, fine-grained code randomization defense, called Readactor, resilient to both static and dynamic ROP attacks. We distinguish between direct memory disclosure, where the attacker reads code pages, and indirect memory disclosure, where attackers use code pointers on data pages to infer the code layout without reading code pages. Unlike previous work, Readactor resists both types of memory disclosure. Moreover, our technique protects both statically and dynamically generated code. We use a new compiler-based code generation paradigm that uses hardware features provided by modern CPUs to enable execute-only memory and hide code pointers from leakage to the adversary. Finally, our extensive evaluation shows that our approach is practical (we protect the entire Google Chromium browser and its V8 JIT compiler) and efficient with an average SPEC CPU2006 performance overhead of only 6.4%. |