Defense Notices

Decompilation is the process of reverse engineering a binary program into an equivalent source code representation with the objective to recover high-level program constructs such as functions, variables, data types, and control flow mechanisms. Decompilation is applicable in many contexts, particularly for security analysts attempting to decipher the construction and behavior of malware samples. However, due to the loss of information during compilation, this process is naturally speculative and thus is prone to inaccuracy. This inherent speculation motivates the idea of an evaluation framework for decompilers.

In this work, we present a novel framework to quantitatively evaluate the inference accuracy of decompilers, regarding functions, variables, and data types. Within our framework, we develop a domain-specific language (DSL) for representing such program information from any "ground truth" or decompiler source. Using our DSL, we implement a strategy for comparing ground truth and decompiler representations of the same program. Subsequently, we extract and present insightful metrics illustrating the accuracy of decompiler inference regarding functions, variables, and data types, over a given set of benchmark programs. We leverage our framework to assess the correctness of the Ghidra decompiler when compared to ground truth information scraped from DWARF debugging information. We perform this assessment over a subset of the GNU Core Utilities (Coreutils) programs and discuss our findings.

Skills validation is a key issue when hiring workers. Companies and universities often face difficulties in determining an applicant's skills because certification of the skills claimed by an applicant is usually not readily verifiable and verification is costly. Also, from applicant's perspective, skill evaluation from industry expert is valuable instead of learning a generalized course with certification. Most of the certification programs are easy and proved not so fruitful in learning the required work skills. Blockchain has been proposed in the literature for functional verification and tamper-proof information storage in a decentralized way. "EvalIt" is a blockchain-based Dapp that addresses the above issues and guarantees some desirable properties. The Dapp facilitates skill evaluation efforts through payments using tokens that it collects from payments made by users of the platform.

Profile-guided optimizations (PGO) are a class of sophisticated compiler transformations that employ information regarding the profile or execution time behavior of a program to improve program performance, typically speed. PGOs for popular language platforms, like C, C++, and Java, are generally regarded as a mature and mainstream technology and are supported by most standard compilers. Consequently, properties and characteristics of PGOs are assumed to be established and known but have rarely been systematically studied with multiple mainstream compilers.

The goal of this work is to explore and report some important properties of PGOs in mainstream compilers, specifically GCC and LLVM in this work. We study the performance delivered by PGOs at the program and function-level, impact of different execution profiles on PGO performance, and compare relative PGO benefit delivered by different mainstream compilers. We also built the experimental framework to conduct this research. We expect that our work will help focus future research and assist in building frameworks to field PGOs in actual systems.

As the world recovers from the damage caused by the spread of COVID-19, the monkeypox virus poses a new threat of becoming a global pandemic. The monkeypox virus itself is not as deadly or contagious as COVID-19, but many countries report new patient cases every day. So it wouldn't be surprising if the world faces another pandemic due to lack of proper precautions. Recently, deep learning has shown great potential in image-based diagnostics, such as cancer detection, tumor cell identification, and COVID-19 patient detection. Therefore, since monkeypox has infected human skin, a similar application can be employed in diagnosing monkeypox-related diseases, and this image can be captured and used for further disease diagnosis. This project presents a deep learning approach for detecting monkeypox disease from skin lesion images. Several pre-trained deep learning models, such as ResNet50 and Mobilenet, are deployed on the dataset to classify monkeypox and other diseases.

In the last century, we have seen incredible growth in the field of quantum computing. Quantum computing offers us the opportunity to find efficient solutions to certain computational problems which are intractable on classical computers. One class of problems that seems to benefit from quantum computing is the Hidden Subgroup Problem (HSP). In the following proposal, we will examine basics of quantum computing as well as the current research surrounding the HSP. We will also discuss the importance of the HSP and its relation to other popular problems such as Integer Factoring, Discrete Logarithm, Shortest Vector, and Subset Sum problems.

The proposed research aims to develop a quantum algorithmic polynomial-time reduction to special cases of the HSP where the parameterizing group is the Dihedral group. This problem is known as the Dihedral HSP (DHSP). The usual approach to the HSP relies on harmonic analysis in the domain of the problem and the best-known algorithm using this approach is sub-exponential, but still super-polynomial. The algorithm we have designed focuses on the structure encoded in the codomain which uses this structure to direct a “walk” down the subgroup lattice terminating at the hidden subgroup.

This project is not a new idea or an innovative method, this project consists in the implementation of techniques already used in the consumer industry.

The purpose of this project is to implement a compact and low-weight Maximum Power Point Tracking (MPPT) Solar Harvesting Device intended for a small fixed-wing unmanned aircraft. For the aircraft selected, the load could be subsidized up to 25% by the MPPT device and installed solar cells.

The MPPT device was designed around the Texas Instruments SM72445 Integrated Circuit and its technical documentation. The prototype was evaluated using a Photovoltaic Profile Emulator Power Supply and a LiPo battery.

The device performed MPPT in one of the different tested current-voltage (IV) profiles reaching Maximum Power Point (MPP).  The device did not maintain the MPP. Under an additional external DC load or different IV profiles, the emulator operates in prohibited operating conditions. The probable cause of the failed behavior is due to instability in the emulator’s output. The inputs to the controller and response behaviors of the H-bridge circuit were as expected and designed.

The main aim of the thesis is to identify provisions employed by the compiler to ensure the security of any arbitrary binary. These provisions are security techniques applied automatically by the compiler during the system build process. Compilers provide a number of security checks, that can be applied statically or at compile time, to protect the software from attacks that target code vulnerabilities. Most compilers use warnings to indicate potential code bugs and run-time security checks which add instrumentation code in the binary to detect problems during execution. Our first work is to develop a language-agnostic and compiler-agnostic experimental framework which determines the presence of targeted compiler-based run-time security checks in any binary. Our next work is focused on exploring if unresolved compiler generated warnings can be detected in the binary when the source code is not available.

Metagenomics is the study of microbial genomes from one common environment and in most cases, metagenomic data refer to the whole-genome shotgun sequencing data of the microbiota, which are fragmented DNA sequences from all regions in the microbial genomes. Because the data are generated without laboratory culture, they provide a more unbiased insight to and uniquely enriched information of the microbial community. Currently many researchers are interested in metagenomic data, and a sea of software exist for various purposes at different analyzing stages. Most researchers build their own analyzing pipeline on their expertise, and the pipelines for the same purpose built by two researchers might be disparate, thus affecting the conclusion of experiment. 

My research interests involve: (1) We first developed an assembly graph-based ncRNA searching tools, named DRAGoM, to improve the searching quality in metagenomic data. (2) We proposed an automatic metagenomic data analyzing pipeline generation system to extract, organize and exploit the enormous amount of knowledge available in literature. The system consists of two work procedures: construction and generation. In the construction procedure, the system takes a corpus of raw textual data, and updates the constructed pipeline network, whereas in the genera- tion stage, the system recommends analyzing pipeline based on the user input. (3) We performed a meta-analysis on the taxonomic and functional features of the gut microbiome from non-small cell lung cancer patients treated with immunotherapy, to establish a model to predict if a patient will benefit from immunotherapy. We systematically studied the taxonomical characteristics of the dataset and used both random forest and multilayer perceptron neural network models to predict the patients with progressing-free survival above 6 months versus those below 3 months.

The complexity of the design and fabrication process of electronic devices is advancing with their ability to provide wide-ranging functionalities including data processing, sensing, communication, artificial intelligence, and security. Due to these complexities in the design and manufacturing process and associated time and cost, system developers often prefer to procure off-the-shelf components directly from the market instead of developing custom Integrated Circuits (ICs) from scratch. Procurement of Commerical-Off-The-Shelf (COTS) components reduces system development time and cost significantly, enables easy integration of new technologies, and facilitates smaller production runs. Moreover, since various companies use the same COTS IC, they are generally available in the market for a long period and are easy to replace. 

Although utilizing COTS parts can provide many benefits, it also introduces serious security concerns. None of the entities in the COTS IC supply chain are trusted from a consumer's perspective, leading to a ”Zero Trust” supply chain threat model. Any of these entities could introduce hidden malicious circuits or hardware Trojans within the component that could help an attacker in the field extract secret information (e.g., cryptographic keys) or cause a functional failure. Existing solutions to counter hardware Trojans are inapplicable in a zero trust scenario as they assume either the design house or the foundry to be trusted. Moreover, many solutions require access to the design for analysis or modification to enable the countermeasure. 

In this work, we have proposed a software-oriented countermeasure to ensure the confidentiality of secret assets against hardware Trojan attacks in untrusted COTS microprocessors. The proposed solution does not require any supply chain entity to be trusted and does not require analysis or modification of the IC design.  

To protect secret assets in an untrusted microprocessor, the proposed method leverages the concept of residue number coding to transform the software functions operating on the asset to be homomorphic. We have presented a detailed security analysis to evaluate the confidentiality of a secret asset under Trojan attacks using the secret key of the Advanced Encryption Standard (AES) program as a case study. Finally, to help streamline the application of this protection scheme, we have developed a plugin for the LLVM compiler toolchain that integrates the solution without requiring extensive source code alterations.

While identifying an object in an image is almost an instantaneous task for the human visual perception system, it takes more effort and time to process and identify a camouflaged object - an entity that flawlessly blends with the background in the image. This explains why it is much more challenging to enable a machine learning model to do the same, in comparison to generic object detection or salient object detection.

This project implements a framework called Search Identification Network, that simulates the search and identification pattern adopted by predators in hunting their prey and applies it to detect camouflaged objects. The efficiency of this framework in detecting polyps in medical image datasets is also measured.