Wenjie Xiong

Virginia Tech (Virginia Polytechnic Institute and State University) | VT · Department of Electrical and Computer Engineering

In today's machine learning (ML) models, any part of the training data can affect its output. This lack of control for information flow from training data to model output is a major obstacle in training models on sensitive data when access control only allows individual users to access a subset of data. To enable secure machine learning for access...

The ubiquity and pervasiveness of modern Internet of Things (IoT) devices opens up vast possibilities for novel applications, but simultaneously also allows spying on, and collecting data from, unsuspecting users to a previously unseen extent. This paper details a new attack form in this vein, in which the decay properties of widespread, off-the-sh...

On-device machine learning (ML) inference can enable the use of private user data on user devices without remote servers. However, a pure on-device solution to private ML inference is impractical for many applications that rely on embedding tables that are too large to be stored on-device. To overcome this barrier, we propose the use of private inf...

This paper introduces a new attack vector in modern processors: the timing-based channel attacks due to the Translation Look-aside Buffers (TLBs). This paper first presents a three-step modeling approach to exhaustively enumerate all possible TLB timing-based vulnerabilities and automatically-generated micro security benchmarks that test for the TL...

Online personalized recommendation services are generally hosted in the cloud where users query the cloud-based model to receive recommended input such as merchandise of interest or news feed. State-of-the-art recommendation models rely on sparse and dense features to represent users' profile information and the items they interact with. Although s...

Secure multi-party computation (MPC) enables computation directly on encrypted data on non-colluding untrusted servers and protects both data and model privacy in deep learning inference. However, existing neural network (NN) architectures, including Vision Transformers (ViTs), are not designed or optimized for MPC protocols and incur significant l...

This paper surveys the landscape of security verification approaches and techniques for computer systems at various levels: from a software-application level all the way to the physical hardware level. Different existing projects are compared, based on the tools used and security aspects being examined. Since many systems require both hardware and...

Federated learning (FL) aims to perform privacy-preserving machine learning on distributed data held by multiple data owners. To this end, FL requires the data owners to perform training locally and share the gradient updates (instead of the private inputs) with the central server, which are then securely aggregated over multiple data owners. Altho...

The aggressive performance optimizations in modern microprocessors can result in security vulnerabilities. For example, the timing-based attacks in processor caches are shown to be successful in stealing secret keys or causing privilege escalation. So far, finding cache-timing vulnerabilities is mostly performed by human experts, which is inefficie...

The ubiquity and pervasiveness of modern Internet of Things (IoT) devices opens up vast possibilities for novel applications, but simultaneously also allows spying on, and collecting data from, unsuspecting users to a previously unseen extent. This paper details a new attack form in this vein, in which the decay properties of widespread, off-the-sh...

Timing-based side and covert channels in processor caches continue to be a threat to modern computers. This work shows for the first time, a systematic, large-scale analysis of Arm devices and the detailed results of attacks the processors are vulnerable to. Compared to x86, Arm uses different architectures, microarchitectural implementations, cach...

Timing-based side and covert channels in processor caches continue to be a threat to modern computers. This work shows for the first time a systematic, large-scale analysis of Arm devices and the detailed results of attacks the processors are vulnerable to. Compared to x86, Arm uses different architectures, microarchitectural implementations, cache...

Transient execution attacks, also known as speculative execution attacks, have drawn much interest in the last few years as they can cause critical data leakage. Since the first disclosure of Spectre and Meltdown attacks in January 2018, a number of new transient execution attack types have been demonstrated targeting different processors. A transi...

A Physically Unclonable Function (PUF) is a unique and stable physical characteristic of a piece of hardware, which emerges due to variations in the fabrication processes. PUFs have been shown to be a promising cryptographic primitive for key storage, hardware-based device authentication, and identification. This paper shows how to realize the rece...

This article discusses a recently developed test suite for checking timingbased vulnerabilities in processor caches, which has revealed the insecurity of today's processor caches. The susceptibility of caches to these vulnerabilities calls for more research on secure processor caches.

The Least-Recently Used (LRU) cache replacement policy and its variants are widely deployed in modern processors. This article shows in detail that the LRU states of caches can be used to leak information: any access to a cache by a sender will modify the LRU state, and the receiver is able to observe this through a timing measurement. This article...

Transient execution attacks, also called speculative execution attacks, have drawn much interest as they exploit the transient execution of instructions, e.g., during branch prediction, to leak data. Transient execution is fundamental to modern computer architectures, yet poses a security risk as has been demonstrated. Since the first disclosure of...

Many secure cache designs have been proposed in literature with the aim of mitigating different types of cache timing–based attacks. However, there has so far been no systematic analysis of how these secure cache designs can, or cannot, protect against different types of the timing-based attacks. To provide a means of analyzing the caches, this pap...

Low-end computing devices are becoming increasingly ubiquitous, especially due to the widespread deployment of Internet-of-Things products. There is, however, much concern about sensitive data being processed on these low-end devices which have limited protection mechanisms in place. This paper proposes a Hardware-Entangled Software Protection (HES...

Timing-based side or covert channels in processor caches continue to present a threat to computer systems, and they are the key to many of the recent Spectre and Meltdown attacks. Based on improvements to an existing three-step model for cache timing-based attacks, this work presents 88 Strong types of theoretical timing-based vulnerabilities in pr...

This work presents a design-time security verification framework for secure processor architectures. Our new SecChisel framework is built upon the Chisel hardware construction language and tools, and uses information flow analysis to verify the security properties of an architecture at design-time. To enforce information flow security, the framewor...

This paper focuses on a new attack vector in modern processors: the timing-based side and covert channel attacks due to the Translation Look-aside Buffers (TLBs). This paper first presents a novel three-step modeling approach that is used to exhaustively enumerate all possible TLB timing-based vulnerabilities. Building on the three-step model, this...

The widely deployed Least-Recently Used (LRU) cache replacement policy and its variants are an essential component of modern processors. However, we show for the first time in detail that the LRU states of caches can be used to leak information. The LRU states are shared among all the software that accesses the cache and we show that timing-based c...

Physical variations in the manufacturing processes of electronic devices have been widely leveraged to design Physically Unclonable Functions (PUFs), which can be used for authentication and key storage. Existing PUFs are static, as their PUF responses remain the same regardless when the PUF is queried. Meanwhile, this paper presents the new concep...

The physical fingerprinting of a memristor crossbar array can be used to prove whether a digital key stored in the array is securely destroyed.

Physical Unclonable Functions (PUFs) based on the retention times of the cells of a Dynamic Random Access Memory (DRAM) can be utilised for the implementation of cost-efficient and lightweight cryptographic protocols. However, as recent work has demonstrated, the times needed in order to generate their responses may prohibit their widespread usage....

Caches are one of the key features of modern processors as they help to improve memory access timing through caching recently used data. However, due to the timing differences between cache hits and misses, numerous timing side-channels have been discovered and exploited in the past. In this paper, Computation Tree Logic is used to model execution...

Physical Unclonable Functions (PUFs) based on the retention times of the cells of a Dynamic Random Access Memory (DRAM) can be utilised for the implementation of cost-efficient and lightweight cryptographic protocols. However, as recent work has demonstrated, the times needed in order to generate their responses may prohibit their widespread usage....

A Physically Unclonable Function (PUF) is a unique and stable physical characteristic of a piece of hardware, which emerges due to variations in the hardware fabrication processes. Prior works have demonstrated that PUFs are a promising cryptographic primitive that can enable secure key storage, hardware-based device authentication and identificati...

Technische Universität Darmstadt Yale University University of Connecticut

Physically Unclonable Functions (PUFs) have become an important and promising hardware primitive for device fingerprinting, device identification, or key storage. Intrinsic PUFs leverage components already found in existing devices, unlike extrinsic silicon PUFs, which are based on customized circuits that involve modification of hardware. In this...

Several cryptographic applications entail the availability of a secure storage on a device, for instance, to store secret keys. Physical Unclonable Functions (PUFs) can be used to provide such key storage on commodity devices in a cost-efficient manner [KKR + 12]. Their security is based on the existence of at least one (random but stable) output t...

A Physically Unclonable Function (PUF) is a unique and stable physical characteristic of a piece of hardware, which emerges due to variations in the fabrication processes. Prior works have demonstrated that PUFs are a promising cryptographic primitive to enable secure key storage, hardware-based device authentication and identification. So far, mos...

The cuff electrode provides a stable interface with the peripheral nerve, which has been widely utilized in both basic research and clinical practice over the past few decades. In this paper, we present a microfabricated, parylene-based self-locking cuff electrode. The cuff diameter can be adjusted to accommodate the nerve properly during implantat...

In this paper, a parylene-based three-dimensional cuff electrode for peripheral nerve stimulation was proposed and simulated. The three-dimensional (3D) finite element model was built for simulation study of the electrode. The simulation results show this design has higher power efficiency than conventional planar electrode and it can realize selec...

We have designed, fabricated and characterized a cable-tie-type parylene cuff electrode for peripheral nerve interfaces, whose diameter is adjustable to accommodate the nerve properly during implantation. Cuffs made of thin and flexible parylene minimize mechanical damage to surrounding tissues after implantation. Moreover, the integrated parylene...

We experimentally report the fabrication of deformed silica microtoroids with only one-axial symmetry and very large deformation reaching 18%. The largely deformed microcavities are demonstrated to support ultrahigh-Q resonant modes exceeding 6 × 107, though much more chaos emerges compared with slightly deformed microcavities. The chaotic behavior...