Prof. Dr. Ing. Ahmad-Reza Sadeghi

Professor - System Security Lab

Mornewegstrasse 32
D-64293 Darmstadt
GERMANY

Room:4.1.06
Tel:+49 (0)6151 16 - 25328
Email:

ahmad.sadeghi(a-t)trust.tu-darmstadt.de  PGP-Key  S/MIME Certificate

Website:http://​trust.​tu-darmstadt.​de

 

 

Short CV

Ahmad-Reza Sadeghi is a full Professor of Computer Science at the Technische Universität Darmstadt, in Germany, where he heads the System Security Lab.  Since January 2012 he is also the Director of Intel Collaborative Research Institute for Secure Computing (ICRI-SC) at TU Darmstadt. He is a member of the profile area CYSEC of TU Darmstadt.

He received his PhD in Computer Science with the focus on privacy protecting cryptographic protocols and systems from the University of Saarland in Saarbrücken, Germany. Prior to academia, he worked in Research and Development of Telecommunications enterprises, amongst others Ericson Telecommunications.  He has been leading and involved in a variety of national and international research and development projects on design and implementation of Trustworthy Computing Platforms and Trusted Computing, Security Hardware, and Applied Cryptography. He has been serving as general or program chair as well as program committee member of major conferences and workshops in Information Security and Privacy. He is Editor-In-Chief of IEEE Security and Privacy Magazine, and on the editorial board of ACM Books. He served 5 years on the editorial board of the ACM Transactions on Information and System Security (TISSEC), and was guest editor of the IEEE Transactions on Computer-Aided Design (Special Issue on Hardware Security and Trust).

Prof. Sadeghi has been awarded with the renowned German prize “Karl Heinz Beckurts” for his research on Trusted and Trustworthy Computing technology and its transfer to industrial practice. The award honors excellent scientific achievements with high impact on industrial innovations in Germany. Further, his group received German IT Security Competition Award 2010. 

 

Book: Towards Hardware-Intrinsic Security 

"This book will prove to be very interesting for professionals in the hardware security field. It covers almost every aspect of this area, with excellent papers written by experts."

Javier Castillo, ACM Computing Reviews, June 2011

Academic Activities

 

ACM Books, Area Editor (Security and Privacy)

General Chair

  • ACM Conference on Computer and Communications Security (ACM CCS) 2013
  • International Conference on Trust and Trustworthy Computing (TRUST) 2010

Program (Co-) Chair

  • Financial Cryptography and Data Security (FC) 2013
  • ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec) 2013
  • International Conference on Cryptology and Network Security (CANS) 2012
  • International Workshop on Trustworthy Embedded Devices (TrustED) 2012
  • SecureCloud 2012
  • ACM Workshop on Digital Rights Management (ACM DRM) 2011
  • ACM Workshop on Scalable Trusted Computing (ACM STC) 2011
  • International Conference on Trust and Trustworthy Computing (TRUST) 2011

Program Committee

  • IEEE Workshop on Mobile Security Technologies (MoST), co-located with IEEE S&P, 2013
  • IEEE Symposium on Security & Privacy (IEEE S&P) 2013
  • ACM Conference on Computer and Communications Security (ACM CCS) 2012
  • Network & Distributed System Security Symposium (NDSS) 2013, 2012
  • ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec) 2012
  • European Symposium on Research in Computer Security (ESORICS) 2013, 2012, 2011
  • ACM Symposium on Information, Computer and Communications Security (AsiaCCS) 2013, 2012
  • ACM Conference on Data and Application Security and Privacy (CODASPY) 2013
  • ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (ACM SPSM) 2012
  • ACM Cloud Computing Security Workshop (ACM CCSW) 2012
  • Workshop on RFID Security and Privacy (RFIDSec) 2012
  • Conference on Privacy, Security and Trust (PST) 2012
  • ACM SIGHIT International Health Informatics Symposium (IHI) 2012
  • IEEE International Workshop on Information Forensics and Security (WIFS) 2012
  • IEEE Symposium on Hardware-Oriented Security and Trust (HOST) 2012, 2009
  • Information Hiding Conference (IH) 2012, 2011
  • International Conference on Current Trends in Theory and Practice of Computer Science (SOFSEM) 2012, 2011
  • International Multidisciplinary Privacy Award (CPDP MPA) 2012, 2011
  • Smart Card Research and Advanced Application Conference (CARDIS) 2012
  • Financial Cryptography and Data Security (FC) 2011, 2006, 2005
  • Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2011, 2005
  • International Conference on Applied Cryptography and Network Security (ACNS) 2011, 2010
  • International Conference on Information Security and Cryptology (ISISC) 2011
  • Computer & Electronics Security Applications Rendez-vous (C&ESAR) 2011
  • International Conference on Network and System Security (NSS) 2011
  • International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom) 2011
  • International Conference on Trusted Systems (INTRUST) 2011, 2010, 2009
  • International Workshop on Trustworthy Embedded Devices (TrustED) 2011
  • Workshop on Lightweight Security & Privacy: Devices, Protocols, and Applications (LightSec) 2011
  • Workshop on Real-Life Cryptographic Protocols and Standardization (RLCPS) 2011, 2010
  • Workshop on Secure Data Management (SDM) 2011
  • International Conference on E-voting and Identity (VoteID) 2009
  • ACM Workshop on Scalable Trusted Computing (ACM STC) 2008, 2006
  • Benelux Workshop on Information and System Security 2006
  • International Conference on Cryptology in India (INDOCRYPT) 2006
  • International Workshop on Digital Watermarking (IWDW) 2006
  • International Workshop on Information Security Applications (WISA) 2006
  • Workshop on Advances in Trusted Computing (WATC) 2006
  • ACM Workshop on Digital Rights Management (ACM DRM) 2005, 2004, 2003
  • Information Security and Hiding (ISH) 2005
  • New Security Paradigm Workshop (NSPW) 2005, 2004
  • SKOLIS Conference on Information Security and Cryptography (CISC) 2005
  • European Workshop on Security in Ad-Hoc and Sensor Networks (ESAS) 2004

Publications

Return to Where? You Can't Exploit What You Can't Find

Author Stephen Crane, Christopher Liebchen, Andrei Homescu, Lucas Davi, Per Larsen, Ahmad-Reza Sadeghi, Stefan Brunthaler, Michael Franz
Date August 2015
Kind Inproceedings
Book titleBlackhat USA
KeyTUD-CS-2015-0103
Research Areas ICRI-SC, CASED, CROSSING, System Security Lab, Secure Things, Solutions, S2
Abstract Detecting and preventing exploitation of memory corruption vulnerabilities is highly challenging. Until now, no countermeasure has been able to fully prevent sophisticated exploitation techniques, such as return-oriented programming (ROP). Recent control-flow integrity (CFI) defenses from Google and Microsoft can be bypassed by constructing a ROP payload that adheres to the control-flow constraints or by exploiting implementation flaws. Microsoft's EMET has less overhead than full CFI, but offers less protection in return, and can be bypassed. Probabilistic countermeasures based on memory layout randomization (such as ASLR) are already in widespread use. However, the Pwn2own competitions have repeatedly demonstrated that attackers can bypass code randomization using memory leaks in browsers. To reduce the impact of memory disclosure, recent defenses utilize execute-only memory. In this work we show that execute-only memory is insufficient and that these solutions can still be bypassed. In particular, we show how to determine the code layout by analyzing pointers in the heap and on the stack without ever reading the code. On the defensive side, we build a comprehensive yet practical defense called Readactor that counters both direct reading of code and indirect layout disclosure through analysis of code pointers. We employ a thin hypervisor and a kernel patch to utilize true hardware execute-only memory, and prevent direct reading of code in Linux processes. We hide all code pointers in readable memory using a patched version of the LLVM compiler. We deploy a number of techniques to break ROP gadget chains and disorient the adversary. Specifically, we hide code pointers by converting them into direct jumps stored in execute-only memory to prevent indirect layout disclosure. Our solution is efficient, because it activates previously unused hardware capabilities in modern x86 processors and is often faster than industry CFI implementations. Our solution is also highly practical; we were able to automatically apply our defense to the Chromium web browser. Finally, our solution is comprehensive; we also protect the dynamically generated code emitted by the V8 JavaScript JIT compiler.
Full paper (pdf)
[Export this entry to BibTeX]
[Back to List-View]

Important Copyright Notice:

The documents contained in these directories are included by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a non-commercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.
A A A | Drucken Drucken | Impressum Impressum | Sitemap Sitemap | Kontakt Kontakt | Webseitenanalyse: Mehr Informationen
zum Seitenanfangzum Seitenanfang