30th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2025)
3-5, NOV, 2025, Seoul, Korea
30th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2025)
3-5, NOV, 2025, Seoul, Korea
Abstract With the rapid growth of AI and IoT, data has become a central asset in computing. Protecting important data throughout its entire lifecycle is now a critical challenge. Data exists in three states: at rest, in transit, and in use. Cryptographic technologies effectively protect data stored on storage and transmitted over networks. In contrast, protecting data in use has been far more difficult because data must be decrypted during program execution. Confidential computing has recently emerged as a promising solution to this problem. By leveraging hardware-based features, it creates a trusted execution environment (TEE), in which sensitive data can be securely processed without being exposed in plaintext. Major cloud providers now offer confidential virtual machines (VMs), which are large TEEs that include the operating system. While confidential VMs prevent attacks from the outside, e.g., cloud insiders or remote attackers, they do not provide protection against intruders inside the VMs. Therefore, system monitoring inside confidential VMs remains essential. However, it is impossible to securely monitor confidential VMs from the outside due to their confidentiality guarantees. In this talk, I will present our recent work on monitoring systems for confidential VMs. I will also introduce our ongoing project on a new TEE architecture designed to directly support secure system monitoring.
Bio Kenichi Kourai is a professor in the Department of Computer Science and Networks at Kyushu Institute of Technology. Prior to joining Kyushu Institute of Technology, he worked at NTT Network Innovation Laboratories and Tokyo Institute of Technology, where he contributed to advancements in secure and dependable systems. He received his Ph.D. from the University of Tokyo. He has actively contributed to the academic community and served as Chief Examiner for the SIG on Dependable Systems of the Japan Society for Software Science and Technology, and for the SIG on Systems Software and Operating Systems of the Information Processing Society of Japan. He has also taken leadership roles in international conferences, including General Chair of APSys 2020 and DASC 2024, and Program Chair of CyberSciTech 2019. His current research interests include virtual machines, cloud computing, system security, and the dependability of computing platforms.
Abstract C/C++ and Rust are widely used for their performance and low-level control, but they remain exposed to persistent memory and type bugs that can cause serious security incidents. In this talk, I introduce three recent approaches we developed to address these bugs efficiently and effectively. First, CMASan targets custom memory allocator-related memory bugs in C/C++—a common blind spot for existing sanitizers—by analysing and handling allocator-specific memory operations and corruption patterns. Second, Type++ provides a further efficient approach to detecting type confusion bugs with minimal performance overhead, making runtime protection more practical. Lastly, ERASan targets memory bugs that occur within Rust unsafe-related regions, offering an efficient detection approach despite Rust’s overall memory-safety design.
Bio Yuseok Jeon is an Associate Professor in the Department of Computer Science and Engineering at Korea University. He has about six years of work experience across companies and research institutes in both the US and South Korea, such as the National Security Research Institute (NSRI), Samsung Research, NEC Labs America, and Intel. His research mainly focuses on addressing software and systems security challenges through sanitization, fuzzing, and AI-based techniques. He actively serves on program committees for top-tier security conferences, including USENIX Security, IEEE S&P, ACM CCS, and NDSS, and contributes to leading journals (e.g., ACM Computing Surveys as an Associate Editor). His research has been published in top venues —including CCS, S&P, NDSS, and USENIX Security— and has received several awards, including the CERIAS Diamond Award and NDSS 2025 Distinguished Paper Award.
