Skip to main content

Changming Liu

PhD Student

Contact

GGoogle Scholar

Eliu.changm@husky.neu.edu

Office Location

600 ISEC

Education

  • ME, Huazhong University of Science and Technology
  • BE, Huazhong University of Science and Technology

About Me

  • Hometown: Yichang, China
  • Field of Study:  Information Security
  • PhD Advisor:  Long Lu

What are the specifics of your graduate education (thus far)?

I have applied both static and dynamic methods to detecting concurrency bugs in user space programs.  I also have experience with privacy-preserving computing namely, applying homomorphic encryption to make popular multi-media application e.g. JPEG preserve privacy.

What are your research interests in a bit more detail? Is your current academic/research path what you always had in mind for yourself, or has it evolved somewhat? If so, how/why?

I have always been interested in software and computer system security. Namely, the root cause of the vulnerabilities in current computer systems even if the software is carefully designed and why it’s so hard to eliminate these vulnerabilities.  This is a very fundamental question vital for today’s IT’s era.

What’s one problem you’d like to solve with your research/work?

I basically want to push the boundaries of current state-of-the-art vulnerabilities detection methods (i.e. developing robust scalable accurate approach that can detect as many vulnerabilities as possible), while catching up with the current advanced vulnerability mitigation techniques.

What aspect of what you do is most interesting/fascinating to you? What aspects of your research (findings, angles, problems you’re solving) might surprise others?

I think the most interesting but also challenging, part of my research is modeling all the faults/ bugs that can occur in software, and define or abstract them in a way that is as neat and precise as possible. Also implementing them is also very fun (to me).

I think the most shocking thing about my research is that, despite the campaign against software vulnerabilities that has been going on for decades, there are still so many in the wild.

What are your research/career goals, going forward?

Hopefully, after finishing my PhD here, I will become a research professor or a researcher, which would enable me to keep dealing with interesting security issues.

Where did you grow up/spend the most defining years of your childhood/young adulthood?

I think the most defining year which drove me to research is when I had my internship with my mentor in MSRA in Beijing while pursuing my Masters. It was my first time to solve real-world problems with the knowledge I learned from school. And my mentor showed me how interesting this is, and this boosted my confidence when facing really hard problems.

Where did you study for your undergraduate degree? Any reason in particular behind your choice (a program you were excited about, a city you love, a researcher you wanted to work with)?

I had my undergraduate degree in Wuhan, China. My college (CS college) during that time was famous for having a vibe of programmers, this inspired my interests for programming as well.

Recent Publications

A Heuristic Framework to Detect Concurrency Vulnerabilities

Changming Liu, Deqing Zou, Peng Luo, Bin B. Zhu, and Hai Jin. 2018. A Heuristic Framework to Detect Concurrency Vulnerabilities. In Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC '18). ACM, New York, NY, USA, 529-541.

Abstract

With a growing demand of concurrent software to exploit multi-core hardware capability, concurrency vulnerabilities have become an inevitable threat to the security of today’s IT industry. Existing concurrent program detection schemes focus mainly on detecting concurrency errors such as data races, atomicity violation, etc., with little attention paid to detect concurrency vulnerabilities that may be exploited to infringe security. In this paper, we propose a heuristic framework that combines both static analysis and fuzz testing to detect targeted concurrency vulnerabilities such as concurrency buffer overflow, double free, and use-after-free. The static analysis locates sensitive concurrent operations in a concurrent program, categorizes each finding into a potential type of concurrency vulnerability, and determines the execution order of the sensitive operations in each finding that would trigger the suspected concurrency vulnerability. The results are then plugged into the fuzzer with the execution order fixed by the static analysis in order to trigger the suspected concurrency vulnerabilities.

In order to introduce more variance which increases possibility that the concurrency errors can be triggered, we also propose manipulation of thread scheduling priority to enable a fuzzer such as AFL to effectively explore thread interleavings in testing a concurrent program. To the best of our knowledge, this is the first fuzzer that is capable of effectively exploring concurrency errors.

In evaluating the proposed heuristic framework with a benchmark suit of six real-world concurrent C programs, the framework detected two concurrency vulnerabilities for the proposed concurrency vulnerability detection, both being confirmed to be true positives, and produced three new crashes for the proposed interleaving exploring fuzzer that existing fuzzers could not produce. These results demonstrate the power and effectiveness of the proposed heuristic framework in detecting concurrency errors and vulnerabilities.

JPEG Decompression in the Homomorphic Encryption Domain

Xiaojing Ma, Changming Liu, Sixing Cao, and Bin B. Zhu. 2018. JPEG Decompression in the Homomorphic Encryption Domain. In Proceedings of the 26th ACM international conference on Multimedia (MM '18). ACM, New York, NY, USA, 905-913.

Abstract

Privacy-preserving processing is desirable for cloud computing to relieve users’ concern of loss of control of their uploaded data. This may be fulfilled with homomorphic encryption. With widely used JPEG, it is desirable to enable JPEG decompression in the homomorphic encryption domain. This is a great challenge since JPEG decoding needs to determine a matched codeword, which then extracts a codeword-dependent number of coefficients. With no access to the information of encrypted content, a decoder does not know which codeword is matched, and thus cannot tell how many coefficients to extract, not to mention to compute their values. In this paper, we propose a novel scheme that enables JPEG decompression in the homomorphic encryption domain. The scheme applies a statically controlled iterative procedure to decode one coefficient per iteration. In one iteration, each codeword is compared with the bitstream to compute an encrypted Boolean that represents if the codeword is a match or not. Each codeword would produce an output coefficient and generate a new bitstream by dropping consumed bits as if it were a match. If a codeword is associated with more than one coefficient, the codeword is replaced with the codeword representing the remaining undecoded coefficients for the next decoding iteration. The summation of each codeword’s output multiplied by its matching Boolean is the output of the current iteration. This is equivalent to selecting the output of a matched codeword. A side benefit of our statically controlled decoding procedure is that paralleled Single-Instruction Multiple-Data (SIMD) is fully supported, wherein multiple plaintexts are encrypted into a single plaintext, and decoding a ciphertext block corresponds to decoding all corresponding plaintext blocks. SIMD also reduces the total size of ciphertexts of an image. Experimental results are reported to show the performance of our proposed scheme.