
Selected Ant Group Papers Presented at NDSS 2025

The 2025 NDSS conference in San Diego featured five Ant Group papers covering secure forensics for compromised TrustZone, privacy‑preserving inference for large Transformers, LLM‑driven shell command explanation, a scalable randomness beacon protocol, and enclave construction within confidential virtual machines.

AntTech

SCRUTINIZER: Towards Secure Forensics on Compromised TrustZone

Paper link: https://research.polyu.edu.hk/en/publications/scrutinizer-towards-secure-forensics-on-compromised-trustzone/fingerprints/

Source: Research collaboration

Fields: Digital forensics, system security

Abstract: The number of exploitable vulnerabilities in Arm TrustZone is rising, yet there are no forensic tools for incident response. Traditional external forensics are blocked by TrustZone protections, and internal methods are vulnerable to privileged attacks. SCRUTINIZER leverages the Root World of Arm’s Confidential Computing Architecture to build a protected monitor and a separate memory‑acquisition agent, reducing address‑translation overhead and providing secure memory‑access breakpoints, instruction tracing, and resistance to privileged tampering.

BumbleBee: Secure Two‑party Inference Framework for Large Transformers

Paper link: https://eprint.iacr.org/2023/1678.pdf

Source: Research collaboration

Fields: Cryptography, privacy computing, large models, machine learning

Abstract: To protect data privacy in large Transformer models, BumbleBee offers a fast, communication‑efficient two‑party private inference system. By optimizing matrix‑multiplication and activation protocols, it cuts communication by ~90% and speeds up token generation (e.g., ~14 minutes per token for LLaMA‑7B on CPU), outperforming prior solutions in both performance and bandwidth usage.

RACONTEUR: A Knowledgeable, Insightful, and Portable LLM‑Powered Shell Command Explainer

Paper link: https://www.semanticscholar.org/reader/f8bb6887a591872b47f75d28b22baba7b0521655

Source: Targeted special‑project collaboration

Fields: Cybersecurity, large‑model applications, command explanation

Abstract: Malicious shell commands are hard to analyze due to obfuscation. RACONTEUR uses a large language model enriched with security knowledge to generate accurate, human‑readable explanations, maps intents to MITRE ATT&CK techniques, and incorporates a document retriever to handle unseen private commands.

Rondo: Scalable and Reconfiguration‑Friendly Randomness Beacon

Paper link: https://eprint.iacr.org/2024/641.pdf

Source: Joint lab collaboration

Fields: Blockchain, privacy computing

Abstract: Rondo introduces a distributed randomness beacon (DRB) built on a batch‑asynchronous verifiable secret sharing (bAVSS‑PO) primitive, achieving O(n) messaging in the sharing phase and avoiding O(n³) costs. It also provides Rondo‑BFT, a dynamic partially‑synchronous Byzantine fault‑tolerant protocol that periodically outputs random beacons, demonstrating higher throughput and scalability on up to 91 cloud instances.

The Road to Trust: Building Enclaves within Confidential VMs

Paper link: https://arxiv.org/pdf/2402.11438

Source: Research collaboration

Fields: Confidential computing

Abstract: Confidential VMs protect workloads, but the trust chain stops at the guest OS, which remains a large attack surface. By exploiting VM privilege levels (VMPL) and deploying a monitor at VMPL0, the authors create a defense‑in‑depth memory isolation mechanism that removes the OS from the trust chain, achieving negligible performance overhead compared with existing solutions.
