Welcome on board!

We’re excited to announce the arrival of four new PhD students in our lab, bringing our total number of PhD students to an impressive ten! Three of these new PhD students are pursuing their studies through a unique professional doctoral program, where they continue their work at their respective companies while advancing their research with us. This blend of academic and professional experience enriches the diversity and depth of knowledge in our lab.

Our master’s students also continues to grow, with thirteen students currently pursuing various advanced studies. In addition, we are pleased to welcome eight new undergraduate students. These students are the future of our research efforts, and their energy and fresh perspectives are invaluable to our team.

The range of research topics in our lab is as diverse as it is fascinating. Our work ranges from AI security and autonomous vehicle security to Web3 security, human factor security, physical space authentication techniques, and cybersecurity. This breadth of study reflects our commitment to pushing the boundaries of what’s possible and addressing some of the most pressing challenges in technology and society today.

We’re excited to see the contributions these new and continuing students will make to their respective fields. Their hard work and dedication make our lab a vibrant and innovative place. Welcome aboard, everyone! Let’s make great strides in research together!

Posted in Lab

研究室オープンハウス2024(学内向け情報)

研究室配属(あるいはプロジェクト研究履修)に際し、当研究室に興味がある人はオープンハウスの期間を利用して研究室訪問することをお薦めします(詳細は下記参照)。当研究室にかぎらず、研究室を選ぶ上で重要なのは研究室を主宰する教員の理念やビジョンに共感できることです。研究のスタイルが自分に合うかの判断も重要です。例えば基礎を重視するのか、応用を重視するのか。紙と鉛筆だけで研究できるのか、計算機だけで完結できるのか、実機が必要なのか、モノづくりが必要なのか。物事の本質を攻めるのか、実社会で使えるサービス化を目指すのか。レガシーを攻めるのか、流行りものを攻めるのか、流行ってもいない何か新しいものを攻めるのか。ハードやソフトを相手にするのか、人間を相手にするのか、等々。

どのような知識や技術を身につけたいかという視点も研究室選択の役に立つと思います。どの研究室でも共通するのは論理的な考え方や明快な文章の書き方や発表方法が身につくことです(特に大学院に進学すれば)。私の研究室ではこれらのことに加え、セキュリティ・プライバシーに関する専門知識と技術、そして国際的な経験値を沢山積んでほしいと考えています。そのために、レベルが高い国際会議に論文を投稿すること、そして日頃から英語で議論する経験を増やすことを重視しています。そうした場で認められるためには、明快なロジックの構成、文書作成、発表、議論が磨かれる必要があるからです。過去に研究室でどういう論文を書いてきたかは、業績のページから参照できます。

このあたりは事前に配布している研究室説明資料ではなかなか伝わりにくいと思います。教員からしても、実際に話をしてみないと学生が何を期待しているかがわからないものです。研究室を訪問して先輩学生何人かと話をしてみることで研究室の雰囲気を感じたり、実際の研究や生活に関する生の情報を収集することも出来ます。

今年の森研のオープンハウスは、対面のみ実施します。訪問を希望する人は、以下の時間帯で研究室に来てください。事前のアポは不要です。都合が良いタイミングに訪問してください。研究室の学生が複数名待機していますので、研究室に関する説明や感想を聞いたり、質問することができます。

※本学の学生のみ、オープンハウスへの訪問が可能ですのでご留意ください。

日時:
3月18日(月) 10:00-17:00
3月19日(火) 10:00-17:00
3月21日(木) 10:00-13:00

場所:63号館5F 0517室

オープンハウスでは、研究室の学生に研究室に関する説明や感想を聞いたり、質問することができます。森との個別相談を希望する場合、メールで連絡してください mori@seclab.jp

Posted in Lab

A paper got accepted!

We are pleased to announce that our paper has been accepted for publication at the Journal of Information Processing Information Processing Society of Japan (IPSJ). Congraturations, Watanabe-kun and the team!

T. Watanabe, E. Shioji, M. Akiyama, T. Mori, “Understanding the Breakdown of Same-Origin Policies in Web Services That Rehost Websites,” Journal of Information Processing, vol. xx, no. xx., pp. xxxx-xxxxx (in press)

This paper extends our original work presented at NDSS 2020 by providing detailed insights into the countermeasures implemented by global service providers, including Google, in response to our recommendations. These enhancements are crucial for understanding the evolving landscape of web service security. We elaborate on the real-world impact of our research in collaboration with JPCERT/CC.

Presented five posters at NDSS 2024

This year at NDSS 2024 held in San Diego, our team had the privilege of presenting five poster presentations, all focusing on the autonomous vehicle security. Some of these works were also showcased at VehicleSec 2024, reflecting our ongoing research projects under the JST CREST. The feedback we received from attendees was invaluable. Engaging with the community allowed us to gain new insights and perspectives, which are essential for refining our research and approaches.

Additionally, we organized a Mini NDSS Japan Night, an event that gathered around 20 researchers/students from the field. This intimate gathering proved to be a productive time for all, fostering discussions and collaborations that could shape the future of security research in Japan. These experiences underscore the importance of community and dialogue in the security research community. We are grateful for the engaging conversations and look forward to contributing further to this vital field.

A paper got accepted!

We are pleaased to announce that our paper has been accepted for publication at the 21st Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2024). Congratulations to Matsuo-kun and the team!

Kazuki Matsuo, Satoshi Tanda, Yuhei Kawakoya, Kuniyasu Suzaki, and Tatsuya Mori, “SmmPack: Obfuscation for SMM Modules,” Proceedings of DIMVA 2024 (accepted for publication)

In this paper, we address the urgent need to improve computer security for System Management Mode (SMM), the most privileged operating mode in x86 and x86-64 processors. Recognizing that SMM is frequently exploited by attackers to bypass critical security measures, we developed SmmPack. The key idea is to encrypt the SMM modules, making it much harder for hackers to access and analyze. Our extensive testing has shown that SmmPack not only effectively strengthens security, but also preserves computer performance. In addition, we have demonstrated the practicality of deploying and managing SmmPack, including during BIOS updates. This breakthrough represents a significant advancement in protecting the highly privileged SMM and securing computers against advanced cyber threats.

Image generated by ChatGPT