SCP Security Seminar
Speaker: Jason Kim, Ph.D. student
Title: Spook.js: Attacking Chrome Strict Site Isolation via Speculative Execution
Abstract: The discovery of the Spectre attack in 2018 has sent shockwaves through the computer industry, affecting processor vendors, OS providers, programming language developers, and more. Because web browsers execute untrusted code while potentially accessing sensitive information, they were considered prime targets for attacks and underwent significant changes to protect users from speculative execution attacks.
Biography: Jason Kim is a second-year Ph.D. student advised by Prof. Daniel Genkin at Georgia Tech's School of Cybersecurity and Privacy. Jason's research lies at the intersection of side-channel attacks arising from CPU microarchitecture and how they can be exploited from web browsers. His ultimate goal is to harden web browsers against leaking secrets: billions of people browse the internet on a daily basis and handle sensitive or personal information on the web, yet browsers automatically execute untrusted code served from websites as soon as a user visits the site. Prior to Georgia Tech, Jason graduated from the University of Michigan in 2021 with a Bachelor's in Computer Science. He is an author and presenter of Spook.js, which was published at the 2022 IEEE Symposium on Security and Privacy.
Pradyumna Shome, Ph.D. Student