NISL
Academic salon of the Network and Information Security Lab at Tsinghua University. Follow us!
This is the Paper Reading Seminar of Network and Information Security Lab (NISL) at Tsinghua University. Tune in for more details!
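**Time:** November 9, 2023, 14:00 - 16:00
**Tencent Meeting:** https://meeting.tencent.com/dm/D21J2wuXqQPV
**Meeting ID:** 711-4428-4790
**Meeting password:** 231109
* This session is streamed live and open to the public. Online attendees must set their display name to their real name in the form "Name-Affiliation".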
Agenda
1. [Paper Sharing] Off-Path TCP Exploits of the Mixed IPID Assignment
Presenter: 刘世明
Conference: CCS '20
Authors: Feng X, Fu C, Li Q, et al.
Abstract: The paper downgrades the IPID assignment algorithm by sending ICMP requests in a fragmented manner. It then uses the incremental nature of the IPID as a side channel to infer the victim's IP address and port, as well as the ACK and SEQ values in the TCP traffic, thereby intercepting TCP traffic.
Link to paper: https://dl.acm.org/doi/10.1145/3372297.3417884
2. [Paper Sharing] Fuzzing SGX Enclaves via Host Program Mutations
Presenter: 李哲铭
Conference: EuroS&P '23
Authors: Khan A, Zou M, Kim K, et al.
Abstract: FUZZSGX proposes an input and program mutation-based fuzzer for Intel SGX enclave implementations. It provides an enclave fuzzing runtime, FUZZSGX RUNTIME, which is a drop-in library for the Intel SGX SDK, enabling code coverage and sanitization within enclaves. To explore the host app-enclave boundary, FUZZSGX conducts static analysis and symbolic execution on existing host apps and enclave implementations to generate promising fuzzing programs.
Link to paper: https://ieeexplore.ieee.org/document/10190488
# Academic Salon Feedback Questionnaire
Editors | 刘一静 黄嘉盛
Source | NISL Lab