Yue Chen, a fourth-year PhD student, has been conducting research in system and mobile security under the guidance of Prof. Zhi Wang. His recent paper titled “Adaptive Android Kernel Live Patching” has been published in USENIX Security 2017, a top-tier conference in security and privacy. In this paper, Yue tries to address an important real-world problem in which most Android devices are never timely updated. Kernel vulnerabilities in these devices pose a serious threat to user security and privacy because the kernel is the foundation of security and trust for the whole device. To protect users from kernel exploits, Yue, together with other researchers, proposed KARMA, an adaptive kernel live patching system for Android kernels. A defining feature of KARMA is that it can automatically adapt a reference patch to different devices, significantly reducing the window of vulnerability.

 

This paper is a collaboration with researchers from the Baidu X-lab. KARMA is a key component in the forthcoming OASES open initiative (https://oases.io/).