[Busec] ECE Seminar: Yan Shoshitaishvili, Oct. 10 at 10 am in PHO 339

Manuel Egele megele at bu.edu
Thu Oct 5 11:56:33 EDT 2017


This should be a very interesting cybersecurity seminar. Yan's team
(Shellphish) won 3rd place in last year's DARPA Cyber Grand Challenge.
Hope to see you all there.
 

                                                                   
                                                                   
                                                                   
                                                                   
                                      The Long Road to Cyber Autonomy
                                                                   
                                                                   
                                                                   
                                                                   
                                                                   
                                                                   
                                                                    
                                                                   
                                                                   
                                                                    
                                                                 Yan
                                                      Shoshitaishvili
                                                                    
                                                           Assistant
                                                           Professor
                                                        Arizona State
                                                          University
                                                                    
                                                                    
                                                                   
                                                                   
                                                                   
                                                                    
                                                        Oct. 10, 2017
                                                     (Tue.), 10:00 am
                                                    8 St. Mary’s St.,
                                                             PHO 339
                                                        Faculty host:
                                                         Manuel Egele
                                                   Light refreshments
                                                    available at 9:45
                                                                 am.
                                                                    
                                                    View all upcoming
                                                              events
                                                                    
                                                                    
                                                            Abstract
                                                                   
    As software has proliferated to become a critical part of our daily
lives, increasing in both variety and volume beyond the ability of human
hackers to effectively analyze it, the need for automated techniques to
    identify and mitigate bugs and vulnerabilities has become painfully
                                                           apparent.
                                                                   
         Over the last few decades, several paradigms for the design of
            such automation have been explored by security researchers,
 numerous buzzwords have been coined, and many papers have been written
        to convey various techniques. However, despite decades of work,
  techniques for the automation of finding and fixing bugs are still in
          their infancy, and most such analyses are still done by hand.
                                                                   
        In this talk, I will delve into why this is the case, using the
 DARPA Cyber Grand Challenge as a vantage point to explore the issue. I
will explore the road we have taken to get where we are, the fundamental
(and not so fundamental) limitations holding us back, and muse about the
   next steps. I'll discuss this all in the context of my research into
         cyber autonomy and in the challenges and hurdles that my team,
Shellphish, faced in the Cyber Grand Challenge and in applying our Cyber
                                Reasoning System beyond that contest.
                                                                   
                                                                   
                                                                   
                                                                   
                                                                   
                                                                Bio
                                                                   
               Yan Shoshitaishvili is an assistant professor at Arizona
       State University, where he leads research into automated program
 analysis and vulnerability identification techniques. As part of this,
 Yan led Shellphish's participation in the DARPA Cyber Grand Challenge,
    applying his research to the creation of a fully autonomous hacking
system that won third place in the competition. Underpinning this system
    is angr, an open-source binary analysis project created by Yan (and
  others!) over the years. When he is not doing research, Yan is one of
the hacking aces of the Shellphish computer hacking group, playing with
                    them through cybersecurity competitions worldwide.
                                                                   
                                                                   
                                                                   
 



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20171005/7c778b89/attachment.html>


More information about the Busec mailing list