WiCyS Guest Speaker Talk with Dr. Zhiqiang Lin

Women in Cybersecurity (WiCys) is hosting a guest speaker talk with Dr. Zhiqiang Lin on October 20th at 6 pm. The event will take place in Dreese Lab, room 317, if interested please fill out the form attached above.

Being near range wireless communication technology, Bluetooth Low Energy (BLE) has been widely used in numerous Internet-of-Things (IoT) devices from healthcare, fitness, wearables, to smart homes, because of its extremely lower energy consumption. Unfortunately, the past several years have also witnessed numerous security flaws that have rendered billions of Bluetooth devices vulnerable to attacks. While luckily these flaws have been discovered, there is no reason to believe that current Bluetooth Low Energy protocols and implementations are free from attacks, since Bluetooth Low Energy consists of multiple layers with various sub-protocols and components.

In this talk, Dr. Lin will talk about a number of recently discovered security and privacy threats against the BLE, and the lessons learned from those threats. In particular, he will first discuss the protocol-level downgrade attack, an attack that can force the secure BLE channels into insecure ones to break the data integrity and confidentiality of BLE traffic. Then, he will introduce Bluetooth Address Tracking (BAT) attack, a new protocol-level attack discovered from his group, which can track randomized Bluetooth MAC addresses by using a novel allowlist-based side channel. Next, he will discuss the lessons learned, root causes of the attack, and its countermeasures. Finally, he will conclude his talk by discussing future directions in Bluetooth security and privacy.

Biography: Dr. Zhiqiang Lin is currently a Distinguished Professor of Engineering at The Ohio State University. His research interests center around systems and software security, with a key focus on (1) developing automated binary analysis techniques for vulnerability discovery and malware analysis, (2) hardening the systems and software from binary code rewriting, virtualization, and trusted execution environment, and (3) the applications of these techniques in Mobile, IoT, Bluetooth, and Connected and Autonomous Vehicles. He has published over 100 papers, many of which appeared in the top venues in cybersecurity. He is a recipient of Harrison Faculty Award for Excellence in Engineering Education, NSF CAREER award, AFOSR Young Investigator award, and Outstanding Faculty Teaching Award. He received his Ph.D. in Computer Science from Purdue University.