���ӽ紫ý

Khaled N. Khasawneh, assistant professor in the Electrical and Computer Engineering Department at ���ӽ紫ý, contributed significant research and work to two papers which have been recognized in the area of hardware security.

Researchers in Khasawneh’s CAMLsec Lab Identified a New Vulnerability in the Cloud Scheduler

A paper entitled was written as part of a collaborative research effort with University of California (UC)- Davis and ���ӽ紫ý. Along with his collaborators at UC Davis, Khasawneh helped to discover a new vulnerability in cloud schedulers, which could inadvertently allow targeted micro-architectural attacks in the cloud. This paper pointed out that certain features in the cloud scheduler enables arbitrary users to influence scheduling results. This can help attackers co-locate attacker’s code with a targeted victim’s code in a heterogeneous cloud, which enables a wide variety of micro-architectural attacks that leak sensitive data.

“The current design of scheduling algorithms in the cloud focuses on enhancing workloads performance, resource utilization, and load-balancing without security considerations, which may bring new vulnerability as we showed in our work,” says Khasawneh.

The paper is accepted for publication at the 2022 Network and Distributed System Security Symposium (NDSS), and will be presented there in April.

This paper is co-authored with Behnam Omidi, a second year PHD student within the Electrical and Computer Engineering Department. His research focuses on discovering systems vulnerabilities and hardware support to secure computing systems.

Khasawneh—Omidi’s advisor-- says this paper was a great opportunity to gain useful knowledge as it was a tremendous collaborative effort between both schools.

“I’m more of an expert in microarchitecral attacks, and our co-collaborators at UC Davis, led by Dr. Homayoun, brings expertise of cloud computing and resource scheduling,” says Khasawneh.

Khasawneh’s Paper Selected as a Top Pick in Architecture and Hardware Security 2021

A paper co-authored by Khasawneh was selected as a

The top picks in architecture and embedded security represent the top and most impactful papers that have been published in the area in the last six years, from 2015 to 2020. Top picks are selected from conference papers that have appeared in leading hardware security conferences including but not limited to DAC, ICCAD, DATE, ASPDAC, HOST, Asian HOST, GLSVLSI, VLSI Design, CHES, ETS, VTS, ITC, S&P, Usenix Security, CCS, NDSS, ISCA, MICRO, ASPLOS, HPCA, HASP, ACSAC, Euro S&P, and Asia CCS.

The top pick paper is titled “ ” and had previously won the best paper award in the USENIX Workshop on Offensive Technologies (WOOT) in 2018. This paper discovers a new class of Spectre attack, called SpectreRSB, that exploits the return stack buffer (), which is used in modern CPUs to help predict return addresses, instead of the branch predictor unit. SpectreRSB allows malicious software to steal passwords, keys, and other sensitive information, from memory it shouldn't be allowed to touch.

According to Khasawneh, Linux kernel released a to protect against SpectreRSB vulnerability ().