A paper got accepted!

We are pleaased to announce that our paper has been accepted for publication at the Journal of Information Processing Information Processing Society of Japan (IPSJ). Congraturations, Watanabe-kun and the team!

T. Watanabe, E. Shioji, M. Akiyama, T. Mori, “Understanding the Breakdown of Same-Origin Policies in Web Services That Rehost Websites,” Journal of Information Processing, vol. xx, no. xx., pp. xxxx-xxxxx (in press)

This paper extends our original work presented at NDSS 2020 by providing detailed insights into the countermeasures implemented by global service providers, including Google, in response to our recommendations. These enhancements are crucial for understanding the evolving landscape of web service security. We elaborate on the real-world impact of our research in collaboration with JPCERT/CC.

Presented five posters at NDSS 2024

This year at NDSS 2024 held in San Diego, our team had the privilege of presenting five poster presentations, all focusing on the autonomous vehicle security. Some of these works were also showcased at VehicleSec 2024, reflecting our ongoing research projects under the JST CREST. The feedback we received from attendees was invaluable. Engaging with the community allowed us to gain new insights and perspectives, which are essential for refining our research and approaches.

Additionally, we organized a Mini NDSS Japan Night, an event that gathered around 20 researchers/students from the field. This intimate gathering proved to be a productive time for all, fostering discussions and collaborations that could shape the future of security research in Japan. These experiences underscore the importance of community and dialogue in the security research community. We are grateful for the engaging conversations and look forward to contributing further to this vital field.

A paper got accepted!

We are pleaased to announce that our paper has been accepted for publication at the 21st Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2024). Congratulations to Matsuo-kun and the team!

Kazuki Matsuo, Satoshi Tanda, Yuhei Kawakoya, Kuniyasu Suzaki, and Tatsuya Mori, “SmmPack: Obfuscation for SMM Modules,” Proceedings of DIMVA 2024 (accepted for publication)

In this paper, we address the urgent need to improve computer security for System Management Mode (SMM), the most privileged operating mode in x86 and x86-64 processors. Recognizing that SMM is frequently exploited by attackers to bypass critical security measures, we developed SmmPack. The key idea is to encrypt the SMM modules, making it much harder for hackers to access and analyze. Our extensive testing has shown that SmmPack not only effectively strengthens security, but also preserves computer performance. In addition, we have demonstrated the practicality of deploying and managing SmmPack, including during BIOS updates. This breakthrough represents a significant advancement in protecting the highly privileged SMM and securing computers against advanced cyber threats.

Image generated by ChatGPT

Two short papers and two posters got accepted for VehicleSec 2024!

We are pleased to announce that the following two work-in-progress (WIP) papers and two poster submissions have been accepted for publication at the upcoming Symposium on Vehicle Security and Privacy (VehicleSec 2024). Congratulations to everyone involved!

R. Kobayashi, K. Nomoto, Y. Tanaka, G. Tsuruoka, T. Mori, “WIP: Shadow Hack: Adversarial Shadow Attack Against LiDAR Object Detection,” VehicleSec 2024 (to appear)

G. Tsuruoka, T. Sato, A. Chen, K. Nomoto, R. Kobayashi, Y. Tanaka, T. Mori, “WIP: Adversarial Retroreflective Patches: A Novel Stealthy Attack on Traffic Sign Recognition at Night,” VehicleSec 2024 (to appear)

Z. He, T. Mori, “Poster: Robustness of DRL-Based Autonomous Driving to Adversarial Inputs,” VehicleSec 2024 (to appear)

Y. Zhao, T. Mori, “Poster: Bypassing Physical Invariants-Based Defenses in Autonomous Vehicles,” VehicleSec 2024 (to appear)

Image generated by ChatGPT

A Paper Got Accepted!

We are pleased to announce that our paper, “Longitudinal Measurement Study of the Domain Names Associated with Olympic Games,” has been accepted for publication in IEEE ACCESS. Congratulations to Kawaoka-kun and the co-authors!

Our study focuses on domain names related to the Olympic Games, specifically analyzing the Tokyo, Beijing, and Paris Olympics. We observed significant increases in domain registrations linked to these events, notably during the Tokyo 2020 postponement and the Beijing 2022 diplomatic boycott. The study also reveals a rise in the misuse of these domains, particularly for malicious websites, as the games approached.

As we head towards the Paris Olympics this year, our findings highlight the critical importance of monitoring and securing the digital landscape surrounding such global events, emphasizing the need for heightened awareness and proactive security measures in the face of evolving online threats.

R. Kawaoka, D. Chiba, T. Watanabe, M. Akiyama, and T. Mori, “Longitudinal Measurement Study of the Domain Names Associated with Olympic Games,” IEEE ACCESS, Vol. XX, No. XX. pp. XXXX-XXXX, 2024 [Early access version] (the title will be changed)