Computer Security Laboratory

 

About

At Computer Security Laboratory (SecLab), our mission is to conduct cutting-edge research in computer security, with an emphasis on computer systems and software. 

The problems of our interests include: (1) software security (e.g., binary code analysis, rewriting, hardening, and vulnerability discovery such as fuzzing), (2) systems security (e.g., virtualization and container security, side channel analysis with Intel SGX), and (3) security in emerging computing platforms (e.g., mobile, IoT, AI, blockchain, and cloud). 

We also offer a number of courses including Operating Systems, Network Security, and Software Security. 

We are (always) looking for self-motivated students with solid systems (e.g., OS, virtualization, compiler, machine code) and networking as well as security background. Interested students who wish to purse a PhD under our direction please drop us an email. 

People

Research

  • Software Security. We always have a strong interest of understanding and analyzing the native binary code, because it is everywhere and it is the final representation of the software implementation. In the past, we have investigated the reverse engineering of binary code for discovering the network protocol format as well as more generally input data format. We also have developed techniques for automatic vulnerability discovery, and automatic data structure reverse engineering. Recently, we have been working on native binary code hardening, rewriting, and debloating, and mobile app and IoT code analysis for vulnerability discovery.

  • Systems security. We also have strong interests with containers, OS kernels, hypervisior, and hardware-assisted security (e.g., SGX). We have been working on automating the virtual machine introspection, reverse engineering of kernel objects, understanding the side channels of kernel file systems, and most recently the attacks and defenses with Intel SGX.

  • Security in Emerging Computing Platforms. We always push our research to the cutting-edge technologies. With the industry's rising interest in mobile, IoT, AI, blockchains, cloud, etc., we ask ourselves what security discoveries we can find in these platforms.

Publications

Releases

Please check out the released source code from our lab at https://github.com/OSUSecLab.

Sponsors

We are grateful to our research sponsors including AFOSR, DARPA, DFINITY, Intel, NSA, NSF, Raytheon, and VMware.

Director