Portfolio item number 1
Short description of portfolio item number 1
Short description of portfolio item number 1
Short description of portfolio item number 2
Published in IEEE International Conference on Computer Design (ICCD), 2020
Recent studies on attacks exploiting processor hardware vulnerabilities have raised significant concern for information security. Particularly, transient execution attacks such as Spectre augment microarchitectural side channels with speculative executions that lead to exfiltration of secretive data not intended to be accessed. Many prior works have demonstrated the manipulation of branch predictors for triggering speculative executions, and thereafter leaking sensitive information through …
Recommended citation: M. H. I. Chowdhuryy, H. Liu, and F. Yao, “BranchSpec: Information Leakage Attacks Exploiting Speculative Branch Instruction Executions,” in IEEE ICCD, 2020.
Download Paper | Download Slides
Published in International Symposium on Secure and Private Execution Environment Design (SEED), 2021
The rapid development of deep learning has significantly bolstered the performance of natural language processing (NLP) in the form of language modeling. Recent advances in hardware security studies have demonstrated that hardware-based threats can severely jeopardize the integrity of computing systems (e.g., fault attacks for data at rest). Internal adversaries exploiting such hardware vulnerabilities are becoming a major security concern. Yet the impact of hardware faults on systems running …
Recommended citation: K. Cai, M. H. I. Chowdhuryy, Z. Zheng, and F. Yao, “NMT-Stroke: Diverting Neural Machine Translation through Hardware-based Faults,” in IEEE SEED, 2021.
Download Paper | Download Slides
Published in International Symposium on Secure and Private Execution Environment Design (SEED), 2021
Phase Change Memory (PCM) is a promising contender for future main memory solutions. While many architecture-level performance optimizations have been studied for PCM, the security implications of these designs are not well understood. This work demonstrates the first investigation of information leakage threats in PCM-based main memories. Notably, we find state-of-the-art read techniques leveraging access latency asymmetry in Multi-level Cell (MLC) PCM introduce new timing variations. To …
Recommended citation: M. H. I. Chowdhuryy, R. Ewetz, A. Awad, and F. Yao, “R-saw: New side channels exploiting read asymmetry in mlc phase change memories,” in IEEE SEED, 2021.
Download Paper | Download Slides
Published in IEEE Transactions on Computers (TC), 2021
Transient execution attacks that exploit speculation have raised significant concerns in computer systems. Typically, branch predictors are leveraged to trigger mis-speculation in transient execution attacks. In this work, we demonstrate a new class of speculation-based attacks that targets the branch prediction unit (BPU). We find that speculative resolution of conditional branches (i.e., in nested speculation) alter the states of pattern history table (PHT) in modern processors, which are not …
Recommended citation: M. H. I. Chowdhuryy and F. Yao, “Leaking secrets through modern branch predictor in the speculative world,” IEEE TC, 2021.
Download Paper | Download Slides
Published in IEEE/ACM International Symposium on Microarchitecture (MICRO), 2022
Resistive memories (ReRAM) organized in the form of crossbars are promising for main memory integration. While offering high cell density, crossbar-based ReRAMs suffer from variable write latency requirement for RESET operations due to the varying impact of IR drop, which jointly depends on the data pattern of the crossbar and the location of target cells being RESET. The exacerbated worst-case RESET latencies can significantly limit system performance. In this paper, we propose LADDER, an …
Recommended citation: M. H. I. Chowdhuryy, M. R. H. Rashed, A. Awad, R. Ewetz, and F. Yao, “Ladder: Architecting content and location-aware writes for crossbar resistive memories,” in IEEE MICRO, 2021.
Download Paper | Download Slides
Published in IEEE Symposium on Security and Privacy (SP), 2022
Recent advancements in Deep Neural Networks (DNNs) have enabled widespread deployment in multiple security-sensitive domains. The need for resource-intensive training and the use of valuable domain-specific training data have made these models the top intellectual property (IP) for model owners. One of the major threats to DNN privacy is model extraction attacks where adversaries attempt to steal sensitive information in DNN models. In this work, we propose an advanced model extraction …
Recommended citation: M. H. I. Chowdhuryy, A. S. Rakin, F. Yao, and D. Fan, “Deepsteal: Advanced model extractions leveraging efficient weight stealing in memories,” 2022.
Download Paper | Download Slides
Published in IEEE Micro, 2023
Recent advances in nonvolatile memory (NVM), together with their performance-optimized architectural schemes, position NVMs as promising building blocks for future main memory. However, the security of such techniques has not been explored. This article performs the first study on information leakage threats in phase-change memories (PCM). We propose an attack framework, read-saw (R-SAW), that systematically investigates side channel vulnerabilities in representative read techniques under …
Recommended citation: M. H. I. Chowdhuryy, R. Ewetz, A. Awad, and F. Yao, “Understanding and characterizing side channels exploiting phase-change memories,” IEEE Micro, 2023.
Download Paper | Download Slides
Published in IEEE/ACM International Conference on Computer Aided Design (ICCAD), 2023
Information leakage through processor microarchi-tectural components exploiting speculative execution is raising significant security concerns. Modern commercial processors incorporate branch predictor designs where internal states of branch predictor structures are speculatively updated. Recent studies have shown that speculatively updated branch predictors allow side channel exploitation in the speculative domain, extending branch predictors to be another source of transmitting medium in …
Recommended citation: M. H. I. Chowdhuryy, Z. Zhang, and F. Yao, “Beknight: Guarding against information leakage in speculatively updated branch predictors,” in IEEE ICCAD, 2023.
Download Paper | Download Slides
Published in IEEE International Symposium on High-Performance Computer Architecture (HPCA), 2023
Ensuring the confidentiality and integrity of data stored in storage disks is essential to protect users’ sensitive and private data. Recent developments of hardware-based attacks have motivated the need to secure storage data not only at rest but also in transit. Unfortunately, existing techniques such as software-based disk encryption and hardware-based self-encrypting disks fail to offer such comprehensive protection in today’s adversarial settings. With the advances of NVMe SSDs promising …
Recommended citation: M. H. I. Chowdhuryy, M. Jung, F. Yao, and A. Awad, “D-shield: Enabling processor-side encryption and integrity verification for secure nvme drives,” in IEEE HPCA, 2023.
Download Paper | Download Slides
Published in ACM Asia Conference on Computer and Communications Security (ASIACCS), 2024
Trusted execution environment (TEE) offers data protection against malicious system software. However, the TEE (e.g., Intel SGX) threat model exacerbates information leakage as attackers can enhance and denoise the observations from hardware-based side channels through controlled victim execution (i.e., replay). The replay mechanism is especially critical for side channels from physical traces (e.g., power consumption) that not only vary instantaneously but also necessitate successive …
Recommended citation: M. H. I. Chowdhuryy, Z. Zhang, and F. Yao, “Powspectre: Powering up speculation attacks with tsx-based replay,” in ACM ASIACCS, 2024.
Download Paper | Download Slides
Published in IEEE Symposium on Security and Privacy (SP), 2024
Backdoor attacks have raised significant concerns in machine learning (ML) systems. Mainstream ML backdoor attacks typically involve either poisoning the victim’s training samples or pre-training poisoned models for use by victim users. Meanwhile, recent advances in hardware-based threats reveal that ML model integrity at inference-time can be seriously tampered by inducing transient faults in model weights. However, the adversarial impacts of such hardware fault attacks at training time have …
Recommended citation: K. Cai, M. H. I. Chowdhuryy, Z. Zhang, and F. Yao, “Deepvenom: Persistent dnn backdoors exploiting transient weight perturbations,” in IEEE S&P, 2024
Download Paper | Download Slides
Published in IEEE/ACM Annual International Symposium on Computer Architecture (ISCA), 2024
Microarchitectural side channels raise severe security concerns. Recent studies indicate that microarchitecture security should be examined holistically (rather than separately) in systems. Although the effects of performance optimizations on side channels are widely studied, the impacts of integrating security mechanisms intended for other threats on microarchitecture security are not well explored. In this paper, we perform the first side channel exploration in secure processor architectures …
Recommended citation: M. H. I. Chowdhuryy, H. Zheng, and F. Yao, “Metaleak: Uncovering side channels in secure memory architectures exploiting metadata,” in IEEE ISCA, 2024.
Download Paper | Download Slides
Published in IEEE/ACM International Symposium on Microarchitecture (MICRO), 2024
Modern secure processors rely on hardware-assisted encryption and tree-based integrity verification to protect off-chip data. However, despite extensive research on performance optimization, there is a significant lack of emphasis on side channel vulnerabilities in secure architectures. Given the strong focus on data security, it is critical to ensure that the integration of new design elements into secure architectures does not inadvertently introduce additional vulnerabilities. Existing …
Recommended citation: M. H. I. Chowdhuryy and F. Yao, “IvLeague: Side Channel-resistant Secure Architectures Using Isolated Domains of Dynamic Integrity Trees,” IEEE MICRO, 2024.
Download Paper | Download Slides
Published:
Published:
Undergraduate course, University 1, Department, 2014
This is a description of a teaching experience. You can use markdown like any other post.
Workshop, University 1, Department, 2015
This is a description of a teaching experience. You can use markdown like any other post.