Key Takeaways from the 2022 XDef‑OPPO Security Salon Chengdu – Advanced Threat Defense

On November 19, 2022, the 2022 XDef‑OPPO Security Salon (Chengdu) was jointly organized by Wuhan University Aerospace Laboratory and OPPO, and co‑hosted by OPPO Amber Lab and OPPO Industry‑Academic Research Department at the OCG Building C in Chengdu.

The event, themed “Mutual Advancement of Attack and Defense, Sword Drawn”, brought together technical elites and experts to review past achievements and explore future directions in security.

Key discussion topics included system‑level three‑dimensional defense, DOS attacks in data storage, memory vulnerabilities in Bluetooth protocols, cross‑device information flow construction and taint analysis, and security challenges in Android hybrid development.

Opening remarks were delivered by Prof. Peng Guojun, Vice Dean of Wuhan University National Cybersecurity Institute and co‑founder of the XDef summit, and Wang Anyu, General Manager of OPPO Terminal Security.

Prof. Fu Jianming presented “Three‑Dimensional Defense of Vulnerability Attacks”, examining defense strategies from the perspectives of resource integrity, diversity, and entrapment.

Zhang Yuan, associate professor at Fudan University, introduced “Straw Attack: The Final Straw that Crushed Android Systems”, detailing a DOS attack on Android services and the StrawFuzzer tool for large‑scale vulnerability detection.

Ai Lei, senior terminal security engineer at OPPO Amber Lab, analyzed new Bluetooth 5.2 flow‑control mode vulnerabilities and demonstrated memory‑out‑of‑bounds exploits in L2CAP, citing two high‑severity Google CVEs and one Qualcomm CVE.

Chen Ruidong from University of Electronic Science and Technology discussed security design for distributed operating systems across mobile devices, showcasing a static taint‑analysis framework for Android that uncovered dozens of new attacks and privacy issues.

Kong Xiao, senior security researcher at OPPO Amber Lab, detailed security risks and defense strategies in Android hybrid development, comparing native and emerging frameworks, attack models, and step‑by‑step exploit reproductions.

The roundtable, led by Amber Lab director Chen Yong with speakers and OPPO security GM Wang Anyu, examined emerging security trends, threats, and proactive countermeasures for terminal manufacturers.

Overall, the salon provided a platform for deep technical exchange on cutting‑edge endpoint security, inspiring participants with practical insights and future research directions.