News
Next Seminar on 21.06.2023
Written on 19.06.2023 10:20 by Niklas Medinger
Dear All,
The next seminar(s) take place on 21.06.2023 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Maximilian Jung, Kai Greshake, Maximilian Löffler
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting ID: 967 8620 5841
Passcode: BT!u5=
Session B: (14:00-15:30)
Florian Bauckholt, Kai Wittenmayer
https://cispa-de.zoom.us/j/69371224982?pwd=amFFbmVBcVhDeGg5Q2VacXh0M3pKQT09
Session A:
14:00 - 14:30
Speaker: Maximilian Jung
Type of talk: Master Final
Advisor: Valentin Dallmeier
Title: Automated Website Security Testing Based on Existing Selenium Tests with webmate
Research Area: RA5: Empirical and Behavioural Security
Abstract:
The web has become the most important platform of the internet and is used in all aspects of people's lives. It can be used for getting information, social interaction, online shopping and controlling smart homes or industry components. With the increasing number of websites and features, there is a proportional rise in code complexity, which often results in more potential flaws. One of the most frequent flaws is Cross-Site Scripting (XSS), which allows attacker-controlled code execution in the context of the vulnerable application, as well as SQL injection, which allows attacker-controlled SQL code to be executed in the database to bypass logins, retrieve or alter information and even take over the whole database or server. We aim to alleviate this problem by automatically finding security vulnerabilities with automated test generation.
Unlike other automated website security testing approaches, we do not apply black-box fuzzing but use an existing Selenium test for a website as a basis by using webmate. Hence the security test is guided by the Selenium test that checks whether the application works as intended. This enables us to test deeper paths in an application because the test knows how to get to a specific point of, e.g., a multi-page form without fuzzing. The number of times we have to submit, e.g., input fields is also greatly reduced by the fact that we know what data is expected in which fields because of the existing Selenium test, which makes the testing more efficient and less invasive.
14:30 - 15:00
Speaker: Kai Greshake
No information provided.
15:00 - 15:30
Speaker: Maximilian Löffler
Type of talk: Bachelor Intro
Advisor: Michael Schwarz, Lukas Gerlach
Title: Undervolt Fuzzing: Searching for Bad Instructions Gadgets
Research Area: RA3
Abstract:
With the introduction of the Intel Haswell architecture, Intel allows kernel-level code to update the voltage powering the CPU dynamically.
Reducing the voltage below the recommended value is called undervolting and can have beneficial effects on power consumption and heat dissipation.
In 2019, Plundervolt demonstrated that undervolting can destabilize the CPU to a point where it faults, compromising in-place security mechanisms like Intel SGX.
To change the voltage of the CPU, an attacker needs to be privileged on the target system.
Furthermore, Intel recently introduced Undervolt Protection (UVP), which disables runtime undervolting.
This puts significant limitations on the attack surface of Plundervolt.
In this talk we investigate the presence of CPU faults under less or no voltage stress.
This step is crucial to bridge the gap between a theoretical attack and real-world exploitation.
If possible, such faults expose new attack surfaces to the unprivileged attacker.
Towards this, we present the Undervolt Fuzzer, a tool to efficiently probe random instruction sequences for their ability to cause CPU faults.
We apply mild undervolting, e.g., between -20mV and -80mV below the recommended value.
This suffices to destabilize the CPU while not provoking faults when idle.
Session B:
14:00 - 14:30
Speaker: Florian Bauckholt
Type of talk: Master Intro
Title: Evaluating WebAssembly as a Fuzzing Compilation Target
Research Area: RA5
Abstract:
Traditional fuzzers rely on a static instrumentation phase, which can be hard
to extend and work with. Instead, we propose compiling to a shared compilation
target that retains most instrumentation opportunities with potential for
dynamic instrumentation. We propose WebAssembly as a suitable target due to its
widespread language support, deterministic and isolated nature, and simple and
easy to JIT instruction set.
We prototype Wasmfuzz, a fuzzer for WebAssembly modules that supports pluggable
instrumentation strategies, and evaluate the performance of various
instrumentation strategies. We show that WebAssembly retains enough high-level
information to implement a competitive fuzzer and discuss potential ideas for
adaptive instrumentation.
15:00 - 15:30
Speaker: Kai Wittenmayer
Type of talk: Bachelor Intro
Advisor: Dr. Rebekka Burkholz
Title: Inference and Prediction of international food trade networks
Research Area: RA1 Trustworthy Information Processing
Abstract:
Over the past 30 years, the international food trade network has evolved to be increasingly complex
and interconnected. As a result of this globalization, the food trade network is vulnerable to shocks
such as natural disasters, wars, or pandemics, as has been seen in recent years. This work aims to
utilize machine learning for predictive modeling of the food trade network. We collect, preprocess,
integrate and analyze data from several databases provided by FAOSTAT to build a comprehensive
temporal network of the global trade for four staple foods: soy, maize, wheat and rice. We use this
dataset to predict the available supply of staple foods in a country and the trade volume between
two countries. We perform a comparative study of the traditionally used economic gravity model and
several machine learning models for these tasks. Such data-driven predictive models provide insights
into international dependencies, the influence of key economic variables, and the impact of internal
or external shocks. These insights can be used by policymakers to ensure higher levels of global food
security.