The Michigan Engineer News Center

Graduate student honors competition highlights outstanding research

The competition is the culmination of a process that narrows a field of entrants from each of the department research areas to a handful of finalists.| Short Read
EnlargeCompetition finalists
IMAGE:  Competition finalists. Fang Yi-Yu, Abraham Addisie, Prof. Ed Durfee, Toyota representative Vishmu D., Sai Gouravajhala, winner Ofir Weisse, and Dhanvin Mehta.

CSE held its fifteenth annual CSE Graduate Student Honors Competition on November 7, 2018. The competition is the culmination of a process that narrows a field of entrants from each of the department research areas to a handful of finalists, each of whom gives a summary presentation on an area of their research. CSE faculty and an industry sponsor from Toyota Research Institute ranked the finalists’ presentations.

EnlargeCompetition winner
IMAGE:  This year's competition winner, Ofir Weisse, and Prof. Ed Durfee

Top Presentation Chosen

The top presentation at this year’s competition was “Foreshadow: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution,” given by Ofir Weisse, who represented CSE’s Software research area.

About the Research

Foreshadow is a speculative execution attack on Intel processors which allows an attacker to steal sensitive information stored inside personal computers or third party clouds. Foreshadow has two versions, the original attack designed to extract data from a digital lockbox feature known as Intel Software Guard Extensions, or SGX, and a Next-Generation version which affects Virtual Machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and System Management Mode (SMM) memory.

Foreshadow-SGX: SGX is a new feature in modern Intel CPUs which allows computers to protect users’ data even if the entire system falls under the attacker’s control. While it was previously believed that SGX is resilient to speculative execution attacks (such as the previously documented Meltdown and Spectre), Foreshadow demonstrates how speculative execution can be exploited for reading the contents of SGX-protected memory as well as extracting the machine’s private attestation key.

Foreshadow Next Generation: While investigating the vulnerability that causes Foreshadow, Intel identified two related attacks, called Foreshadow-NG. These attacks can potentially be used to read any information residing in the L1 cache, including information belonging to the System Management Mode (SMM), the Operating System’s Kernel, or Hypervisor. Perhaps most devastating, Foreshadow-NG might also be used to read information stored in other virtual machines running on the same third-party cloud, presenting a risk to cloud infrastructure. Finally, in some cases, Foreshadow-NG might bypass previous mitigations against speculative execution attacks, including countermeasures to Meltdown and Spectre.

Runners Up 2018

Runners up in this year’s competition were:

Abraham Addisie
Hardware
“Heterogeneous Memory Subsystem for Natural Graph Analytics”

Sai Gouravajhala
Interactive Systems
“Hybrid Intelligence Systems for Understanding Digital and Physical Environments”

Dhanvin Mehta
Artificial Intelligence
“Reliable Navigation in Dynamic Social Environments Using Multi-Policy Decision Making”

Fang-Yi Yu
Theory
“Dynamics and Social Networks: Nonhomogeneous Kleinberg’s Small World Model and Myopic Routing”

Competition finalists
Competition winner
Portrait of Steve Crang

Contact

Steve Crang
CSE Marketing and Communications Manager

Michigan Engineering

(734) 763-9996

3832 Beyster Bldg

Sound wave visualization. Getty Images.

Mining soundwaves: Researchers unlock new data in sonar signals

“Acoustic fields are unexpectedly richer in information than is typically thought.” | Medium Read