Department Seminar: Ziming Zhao

When

April 12, 2018    
10:00 am - 11:00 am

Where

3043 ECpE Building Addition
Coover Hall, Ames, Iowa, 50011

Event Type

Ziming ZhaoSpeaker: Ziming Zhao, Assistant Research Professor in the School of Computing, Informatics and Decision Systems Engineering at Arizona State University

Title: Holistic Cybersecurity from System, Human and Social Perspectives

Abstract: Given the ever-increasing complexity in attack and camouflage techniques and escalating sophistication in cybercrime activities, it is imperative to have a holistic view of the today’s cybersecurity landscape from system, network, human and social perspectives to design effective defense and response mechanisms that should span multiple layers in our computing systems and can even utilize human and social factors. To this end, my research foci include not only solving hardcore system and network security problems but also understanding and leveraging security implications of human and social behaviors. In this talk, I will present two example research projects that lay at the two ends of my research spectrum: 1) building cache-based cross-world covert channels in the ARM TrustZone architecture, which is ​deployed in millions of mobile and IoT devices. ​In this project, I proposed  ​to use overlooked PMU features to construct high bandwidth covert channels​ ​that overcome challenges presented by pseudorandom replacement policy and  world switching; and 2) guessing gesture-based picture passwords, which falls into the usable security category. I proposed a novel attack framework that is capable of cracking passwords on previously unseen pictures in the Microsoft. Windows picture gesture authentication system, which is used by millions of users.

Bio: Ziming Zhao is an assistant research professor at Arizona State University. He received the PhD degree in computer science from Arizona State University in 2014. His research foci include system and software security, network security, usable and user-centric security, cybercrime and threat intelligence analytics. His research has led to 40+ publications in security conferences and journals, including IEEE S&P, USENIX Security, NDSS, TISSEC, TDSC, etc. In addition, his research has received 30+ media coverage and have been used in graduate courses at many universities. He won a best paper award in ACM CODASPY 2014 and IEEE ITU Kaleidoscope 2016. He is a general co-chair of ACM CODASPY 2018.

Loading...