Visible to the public Biblio

Filters: Author is Zhang, Chao  [Clear All Filters]
2018
Wang, Yan, Zhang, Chao, Xiang, Xiaobo, Zhao, Zixuan, Li, Wenjie, Gong, Xiaorui, Liu, Bingchang, Chen, Kaixiang, Zou, Wei.  2018.  Revery: From Proof-of-Concept to Exploitable. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :1914-1927.

Automatic exploit generation is an open challenge. Existing solutions usually explore in depth the crashing paths, i.e., paths taken by proof-of-concept (POC) inputs triggering vulnerabilities, and generate exploits when exploitable states are found along the paths. However, exploitable states do not always exist in crashing paths. Moreover, existing solutions heavily rely on symbolic execution and are not scalable in path exploration and exploit generation. In addition, few solutions could exploit heap-based vulnerabilities. In this paper, we propose a new solution revery to search for exploitable states in paths diverging from crashing paths, and generate control-flow hijacking exploits for heap-based vulnerabilities. It adopts three novel techniques:(1) a digraph to characterize a vulnerability's memory layout and its contributor instructions;(2) a fuzz solution to explore diverging paths, which have similar memory layouts as the crashing paths, in order to search more exploitable states and generate corresponding diverging inputs;(3) a stitch solution to stitch crashing paths and diverging paths together, and synthesize EXP inputs able to trigger both vulnerabilities and exploitable states. We have developed a prototype of revery based on the binary analysis engine angr, and evaluated it on a set of 19 real world CTF (capture the flag) challenges. Experiment results showed that it could generate exploits for 9 (47%) of them, and generate EXP inputs able to trigger exploitable states for another 5 (26%) of them.

2019
Ao, Weijun, Fu, Shaojing, Zhang, Chao, Huang, Yuzhou, Xia, Fei.  2019.  A Secure Identity Authentication Scheme Based on Blockchain and Identity-Based Cryptography. 2019 IEEE 2nd International Conference on Computer and Communication Engineering Technology (CCET). :90–95.

Most blockchain-based identity authentication systems focus on using blockchain to establish the public key infrastructure (PKI). It can solve the problem of single point of failure and certificate transparency faced by traditional PKI systems, but there are still some problems such as complex certificate management and complex certificate usage process. In this paper, we propose an identity authentication scheme based on blockchain and identity-based cryptography (IBC). The scheme implements a decentralized private key generator (PKG) by deploying the smart contract in Ethereum blockchain, and uses the IBC signature algorithm and challenge-response protocol during the authentication process. Compared with other blockchain-based identity authentication systems, the scheme not only prevents the single point of failure, but also avoids the complex certificate management, has lower system complexity, and resists impersonation attack, man-in-the-middle attack and replay attack.