[Busec] ECE Seminar: Yan Shoshitaishvili, Oct. 10 at 10 am in PHO 339
megele at bu.edu
Thu Oct 5 11:56:33 EDT 2017
This should be a very interesting cybersecurity seminar. Yan's team
(Shellphish) won 3rd place in last year's DARPA Cyber Grand Challenge.
Hope to see you all there.
The Long Road to Cyber Autonomy
Oct. 10, 2017
(Tue.), 10:00 am
8 St. Mary’s St.,
available at 9:45
View all upcoming
As software has proliferated to become a critical part of our daily
lives, increasing in both variety and volume beyond the ability of human
hackers to effectively analyze it, the need for automated techniques to
identify and mitigate bugs and vulnerabilities has become painfully
Over the last few decades, several paradigms for the design of
such automation have been explored by security researchers,
numerous buzzwords have been coined, and many papers have been written
to convey various techniques. However, despite decades of work,
techniques for the automation of finding and fixing bugs are still in
their infancy, and most such analyses are still done by hand.
In this talk, I will delve into why this is the case, using the
DARPA Cyber Grand Challenge as a vantage point to explore the issue. I
will explore the road we have taken to get where we are, the fundamental
(and not so fundamental) limitations holding us back, and muse about the
next steps. I'll discuss this all in the context of my research into
cyber autonomy and in the challenges and hurdles that my team,
Shellphish, faced in the Cyber Grand Challenge and in applying our Cyber
Reasoning System beyond that contest.
Yan Shoshitaishvili is an assistant professor at Arizona
State University, where he leads research into automated program
analysis and vulnerability identification techniques. As part of this,
Yan led Shellphish's participation in the DARPA Cyber Grand Challenge,
applying his research to the creation of a fully autonomous hacking
system that won third place in the competition. Underpinning this system
is angr, an open-source binary analysis project created by Yan (and
others!) over the years. When he is not doing research, Yan is one of
the hacking aces of the Shellphish computer hacking group, playing with
them through cybersecurity competitions worldwide.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Busec