UTCS Colloquia - Dr. Samuel T. King/The University of Illinois, "Designing, implementing, and defending against malicious hardware and Trust and Protection in the Illinois Browser Operating System", ACES 2.302

Contact Name: 
Jenna Whitney
May 3, 2011 11:00am - 11:55am

There is a sign-up schedule for this event that can be found at



Type of Talk: UTCS Colloquia

Speaker/Affiliation: Dr. Samue

l T. King/The University of Illinois

Talk Audience: UTCS Faculty, Gra

d Students, Undergrads, and Outside Interested Parties

Date/Time: Tu

esday, May 3, 2011, 11:00 a.m.

Location: ACES 2.302

Host: Vita

ly Shmatikov and Emmett Witchel via the Center for Information Assurance an

d Security

Talk Title: "Designing, implementing, and defending again

st malicious hardware and Trust and Protection in the Illinois Browser Op

erating System"

Talk Abstract:
The computer systems security arms ra

ce between attackers and defenders has largely taken place in the domain of
software systems, but as hardware complexity and design processes have ev

olved, novel and potent hardware-based security threats are now possible.

In this
talk I will discuss a hybrid hardware/software approach to defen

ding against malicious hardware.

I will discuss BlueChip, a defensive
strategy that has both a design-time component and a runtime component. Du

ring the design verification phase, BlueChip invokes hardware testing algo

rithms to identify suspicious circuitry---those circuits not used or otherw

ise activated by any of the design verification tests. BlueChip removes the
suspicious circuitry and replaces it with exception generation hardware. T

he exception handler software is responsible for providing forward progress
by emulating the effect of the exception-generating instruction in softwar

e, effectively providing a detour around suspicious hardware. In our exper

iments, BlueChip is able to prevent all hardware attacks we evaluate while
incurring a small runtime overhead.

I will also discuss the Illinois

Browser Operating System (IBOS), a new OS from my research group designed

to improve the security of low-level system software for web browsers. Curr

ent web browsers are complex, have enormous trusted computing bases, and

provide attackers with easy access to modern computer systems. IBOS is a ne

w operating
system and a new browser that reduces the trusted computing

base for web browsers. In our architecture we expose browser-level abstract

ions at the lowest software layer, enabling us to remove almost all tradit

ional OS components and services from our trusted computing
base by mapp

ing browser abstractions to hardware abstractions directly. We show that th

is architecture is flexible enough to enable new browser security policies

, can still support traditional applications, and adds little overhead to

the overall browsing experience.

Speaker Bio:
Samuel T. King is an a

ssistant professor in the Computer Science department at the University of

Illinois. His research interests include security, experimental software s

ystems, operating systems, and computer architecture. His current researc

h focuses include defending against malicious hardware, designing and impl

ementing secure web browsers, and applying machine learning to systems pro

blems. Sam received his PhD in Computer Science and Engineering from the U

niversity of Michigan in 2006.