Matthew Hicks


Avatar

Associate Professor

Department of Computer Science

Virginia Tech

Blacksburg, VA 24060

About me

I am an Associate Professor in the Computer Science Department at Virginia Tech. Previously, I was a member of the technical staff at MIT Lincoln Laboratory. Before that, I was a Lecturer at the University of Michigan, where I taught courses on Security and Programming. Between 2013 and 2015, I was a Postdoc working with Todd Austin (Architecture) and Kevin Fu (Security) at the University of Michigan. In May of 2013, I earned a PhD in Computer Science (advised by Sam King, now at UC-Davis) at the University of Illinois Urbana-Champaign, where I also earned my Masters in 2008. I earned my BS in Computer Science from the University of Central Florida in May 2006. Broadly, I am interested in systems, security, and architecture. My current research spans the security of hardware, hardware for increased software security, embedded system security, and intermittently computation. I am especially interested in how hardware changes over time and how it fails with respect to security. Previous research projects include, crafting and detecting malicious insertions into hardware and hardware support for real-time and embedded systems.

News & Updates

Research Summary

Binary Analysis / Fuzzing:

Binary Analysis / Fuzzing:

Binary Analysis / Fuzzing:

Publications

2023

Fall 2022 - CS 4264 - Principles of Computer Security

Matthew Hicks, Leo Stone, Rishi Ranjan, Stefan Nagy, and

USENIX Security Symposium (USENIX). August 2023.

2023

Not All Data are Created Equal: Data and Pointer Prioritization for Scalable Protection Against Data-Oriented Attacks.

Matthew Hicks, Salman Ahmed, Hans Liljestrand, Hani Jamjoom, N. Asokan, and Daphne Yao.

USENIX Security Symposium (USENIX). August 2023.

2023

T-TER: Defeating A2 Trojans with Targeted Tamper-Evident Routing

Timothy Trippel, Kang G. Shin, Kevin B. Bush, and Matthew Hicks.

ACM ASIA Conference on Computer and Communications Security (AsiaCCS). July 2023.

2023

Practical Considerations of Energy Harvesting Source in Minimization of Age of Information with Updating Erasures.

Fariborz Lohrabi Pour, Harrison Williams, Matthew Hicks, and Dong Sam Ha.

IEEE International Symposium on Circuits and Systems (ISCAS). May 2023.

2022

One Fuzz Doesn’t Fit All: Optimizing Directed Fuzzing via Target-tailored Program State Restriction.

Prashast Srivastava, Stefan Nagy, Matthew Hicks, Antonio Bianchi, and Mathias Payer.

Annual Computer Security Applications Conference (ACSAC). December 2022.

2022

Self-Reinforcing Memoization for Cryptography Calculations In Secure Memory Systems.

Xin Wang, Daulet Talapkaliyev, Matthew Hicks, and Xun Jian.

International Symposium on Microarchitecture (MICRO). October 2022.

2022

Fuzzing Hardware Like Software.

Timothy Trippel, Kang G. Shin, Alex Chernyakhovsky, Garret Kelly, Dominic Rizzo, and Matthew Hicks.

USENIX Security Symposium (USENIX). August 2022.

2022

Invisible Bits: Hiding Secret Messages in SRAM’s Analog Domain.

Jubayer Mahmod and Matthew Hicks

International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). March 2022.

2022

SRAM Has No Chill: Exploiting Power Domain Separation to Steal Onchip Secrets.

Jubayer Mahmod and Matthew Hicks

International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). March 2022.

2021

RingRAM: A Unified Hardware Security Primitive for IoT Devices that Gets Better with Age

Michael Moukarzel and Matthew Hicks.

Annual Computer Security Applications Conference (ACSAC). December 2021.

2021

Same Coverage, Less Bloat: Accelerating Binary-only Fuzzing with Coveragepreserving Coverage-guided Tracing.

Stefan Nagy, Anh Nguyen-Tuong, Jason Hiser, Jack Davidson, and Matthew Hicks.

ACM Conference on Computer and Communications Security (CCS). November 2021.

2021

Failure Sentinels: Ubiquitous Just-in-time Intermittent Computation via hardware support for continuous, low-cost, fine-grain voltage monitoring.

Harrison Williams, Michael Moukarzel, and Matthew Hicks.

International Symposium on Computer Architecture (ISCA). June 2021.

2021

Breaking Through Binaries: Compiler-quality Instrumentation for Better Binary-only Fuzzing.

Stefan Nagy, Anh Nguyen-Tuong, Jason Hiser, Jack Davidson, and Matthew Hicks.

USENIX Security Symposium (USENIX). August 2021.

2021

Bomberman: Defining and Defeating Hardware Ticking Timebombs at Design-time.

Timothy Trippel, Kang G. Shin, Kevin B. Bush, and Matthew Hicks.

IEEE Symposium on Security and Privacy (Oakland). May 2021.

2020

ICAS: an Extensible Framework for Estimating the Susceptibility of IC Layouts to Additive Trojans.

Timothy Trippel, Kang G. Shin, Kevin B. Bush, and Matthew Hicks.

IEEE Symposium on Security and Privacy (Oakland). May 2020.

2020

Forget Failure: Exploiting SRAM Data Remanence for Low-overhead Intermittent Computation

Harrison Williams, Xun Jian, and Matthew Hicks.

International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS). March 2020.

2019

Full-speed Fuzzing: Reducing Fuzzing Overhead through Coverage-guided Tracing

Stefan Nagy and Matthew Hicks.

IEEE Symposium on Security and Privacy (Oakland). May 2019.

2017

Clank: Architectural Support for Intermittent Computation.

Matthew Hicks.

International Symposium on Computer Architecture (ISCA). June 2017.

2016

Intermittent Computation without Hardware Support or Programmer Intervention

Joel Van Der Woude and Matthew Hicks.

USENIX Symposium on Operating Systems Design and Implementation (OSDI). November 2016.

2016

A2: Analog Malicious Hardware.

Kaiyuan Yang, Matthew Hicks, Qing Dong, Todd Austin, and Dennis Sylvester.

IEEE Symposium on Security and Privacy (Oakland). May 2016.

Distinguished Paper award.
Pwnie Most Innovative Research Award finalist.
Top Picks in Hardware and Embedded Security 2022

2016

ANVIL: Software-Based Protection Against Next-Generation Rowhammer Attacks.

Zelalem Birhanu Aweke, Salessawi Ferede Yitbarek, Rui Qiao, Reetuparna Das, Matthew Hicks, Yossi Oren, and Todd Austin.

Symposium on Architectural Support for Programming Languages and Operating Systems (ASPLOS). March 2016.

2015

Probable Cause: The Deanonymizing Effects of Approximate DRAM.

Amir Rahmati, Matthew Hicks, Daniel E. Holcomb, and Kevin Fu.

International Symposium on Computer Architecture (ISCA). June 2015.

2015

SPECS: A lightweight runtime mechanism for protecting software from security-critical processor bugs.

Matthew Hicks, Cynthia Sturton, Samuel T. King, and Jonathan M. Smith.

Symposium on Architectural Support for Programming Languages and Operating Systems (ASPLOS). March 2015.

2011

Defeating UCI: Building Stealthy and Malicious Hardware.

Cynthia Sturton, Matthew Hicks, David Wagner, and Samuel T. King.

IEEE Symposium on Security and Privacy (Oakland). May 2011

2010

Overcoming an Untrusted Computing Base: Detecting and Removing Malicious Hardware Automatically.

Matthew Hicks, Murph Finnicum, Samuel T. King, Milo M. K. Martin, and Jonathan M. Smith.

IEEE Symposium on Security and Privacy (Oakland). May 2010.

Software

HeXcite (CCS'21): High-Efficiency eXpanded Coverage for Improved Testing of Executables.

ZAFL(USENIX'21): A compiler-quality binary fuzzing instrumenter.

UnTracer-AFL(Oakland'19): Fast fuzzing through Coverage-guided Tracing.

FoRTE-FuzzBench(Oakland'19): An open-source fuzzing benchmark.

AFL-FID(Oakland'19): A suite of tools for fixed-corpus fuzzing experiments.

AFL-Dyninst: An improved fork of AFL-Dyninst for binary fuzzing.

Teaching

CS 4264:Principles of Computer Security [Fall 2022]

CS 6204: System Security Seminar: Fuzzing [Spring 2022]

CS 4264: Principles of Computer Security [Fall 2021]

CS/ECE 5590: System and Application Security [Spring 2021]

CS 3214: Computer Systems [Fall 2020]

CS 6204: System Security Seminar: Hardware Security [Spring 2020]

CS 4264: Principles of Computer Security [Fall 2019]

CS/ECE 5590: System and Application Security [Spring 2019]

CS 4264: Principles of Computer Security [Fall 2019]

Funding

Advice

Ph.D. dissertation/research advice:

Acknowledgements

NSF-logo
DARPA Logo
Xilinx-Logo