Sam King

Computer Science @ UC Davis

In the press

  • NEW Our humble UC Davis research software for scanning credit cards to prevent fraud has run on over 1 billion (!) devices. Some of the largest and most popular apps have used it for areas like food delivery, vacation rentals, mobile payments, grocery delivery, e-commerce, fashion, restaurants, and more. In the press here.
  • We invented a new security architecture for web browsers, which became the blueprint for Google Chrome's security architecture. Elements of this research can be found in all major browsers. In the press here and here.
  • We built the first known hardware-based rootkit, which for the first time showed how one could attack a computer system using a malicious processor. In the press here and here (full article here).
  • We invented the concept of a virtual-machine-based rootkit and built the first prototype. In the press here.

Fraud as a computer security problem

Percival (pdf). Establishes fundamentals for how to run ML client-side in complex software stacks. Running ML client-side is important for fraud.

Boxer (pdf). Defines how to formulate credit card scanning for fraud as an ML problem, and the systems and software needed to run it in practice.

Daredevil (pdf). Establishes novel ethical considerations for fraud systems in general, and outlines a system we built to help ensure that our software was sound from an ethical perspective. Deep on client-side ML.

Aragorn (pdf). A privacy-centric system for scanning objects (like credit cards) using the camera of a mobile phone. Aragorn removes background objects automatically while still enabling the client-side ML to work.

Secure web browsers

OP web browser (pdf). This paper was the first browser paper from my group; we were the first to rethink modern web browser architectures to improve security. We also used formal methods to help vet our system, and proposed new mechanisms and policies for coping with compromised browser plugins.

Gazelle (pdf). Extended the basic OP architecture and had some new ideas on dealing with display security.

Alhambra (pdf). Applied deterministic replay to web browsers to enable browser developers to test new security policies.

Vex (pdf). Tested browser extensions for potential security vulnerabilities. Key insight: many vulnerabilities could be expressed as information flows. We found several previously unknown and subtle vulnerabilities.

IBOS (pdf). Built a new browser and a new OS specifically for more secure browsers. Our specialized OS reduced the trusted computing base for our browser by 2-3 orders of magnitude when compared to other modern systems.

ExpressOS (pdf). Built a new OS that included strong formal verification, with support for the Android system call interface and libraries. Although not strictly a browser, this work builds on top of our previous work on secure web browsers directly.

Cocktail (pdf). Uses three commodity browsers in concert to add security and reliability.

Malicious hardware

IMP (pdf). Designed and implemented the first processor with hardware backdoors. We learned a lot about the threat from this experience.

BlueChip (pdf). Developed a hardware / software system for removing suspicious circuits from hardware designs. Surprising result: we removed legitimate hardware from a hardware design and used software to make forward progress safely.

Defeating UCI (pdf). Performed a detailed security analysis of the UCI algorithm. We found some subtle and clever circuits that showed how to evade our UCI algorithm.

SPECS (pdf). Hardware support for enforcing security invariants in a modern processor. Includes a study of modern processor errata to classify them into security and non-security critical bugs.

Deterministic replay

Capo (pdf). Built the first system to combine HW and SW replay systems. We found some subtle and interesting interactions when we combined the two.

QuickRec (pdf). A hardware prototype from Intel of record and replay support that uses the Capo HW/SW interface and Capo software.

Machine learning for systems and security (before it was cool)

Laika (pdf). Built a system for extracting data structures out of process heaps and stacks without using symbols. We found that data structures were fairly good at identifying processes, even for code-polymorphic malware.

Macho (pdf). Built a system for programming using natural language, examples, and a large database of source code. This is still early research, but we already generated a few simple coreutils applications.

Building secure robots (pdf). Worked on general OS abstractions for apps running on general purpose robots, with a strong emphasis on security. It turns out that computer security is very different when your computer is a robot.