发布时间：2020-04-22 来源：ICSR 作者：浙大网安
讲座日期：2020年4月25日 上午 10 点
讲座题目：Getting Started with Whole-Kernel Analysis Using LLVM
Operating system (OS) kernels are security critical. The security of the whole computer system is gone if the kernel is compromised. In fact, OS kernels are very buggy, exposing a wide attack surface to adversaries. For example, error handling in the Linux kernel is just "occasionally" correct. In particular, we have found more than one thousand new security bugs of various classes in OS kernels. As such, OS kernels are calling for bug detection!
In this talk, I will first share how to quickly use LLVM to analyze the Linux kernel, including how to generate the LLVM IR for the kernel source code. Then, I will share how to identify error-handling code and security checks in the Linux kernel, which will allow us to detect a variety of semantic bugs. Have fun with kernel analysis.
Dr. Kangjie Lu is an assistant professor in the Computer Science & Engineering Department of the University of Minnesota-Twin Cities. His research interests include security and privacy, program analysis, and operating systems. He is particularly interested in automatically finding classes of vulnerabilities, introduced by both developers and compilers, in widely used systems, and hardening systems while preserving their reliability and efficiency. He won the competitive best paper award at ACM CCS 2019. His research results are regularly published at top-tier venues and have led to many important updates in the Linux kernel, the Android OS, the FreeBSD kernel, and Apple’s iOS. He received his Ph.D. in Computer Science from the Georgia Institute of Technology. More details can be found at https://www-users.cs.umn.edu/~kjlu