Presentation is loading. Please wait.

Presentation is loading. Please wait.

TRUST:Team for Research in Ubiquitous Secure Technologies

Published byΚλεοπάτρα Μελετόπουλος Modified over 6 years ago

Similar presentations

Presentation on theme: "TRUST:Team for Research in Ubiquitous Secure Technologies"— Presentation transcript:

1 TRUST:Team for Research in Ubiquitous Secure Technologies
Program Analysis and System Composition Alex Aiken Stanford University NSF STC Review September 6, 2004

2 Program Analysis Recent work shows program analysis can find security holes Wagner’s thesis work The challenge Scale: Handling big programs 10M’s lines of code Precision And analyzing them in detail Avoiding approximations NSF STC Review December 1, 2018

3 Scale and Accuracy We find many more bugs whenever we
Can increase the lines of code analyzed together by 10X Can improve the precision of the analysis Current techniques 1M’s lines of code with low precision Type, dataflow based 100K lines of code with high precision Model checking, theorem-proving based The Challenge 10M’s lines of code with high precision Track record suggests that we can accomplish this goal NSF STC Review December 1, 2018

4 Another Dimension Must deal with software heterogeneity
Components written in multiple languages Exceptionally weak composition semantics Newer attacks exploit such weaknesses E.g., code injection attacks Current research efforts are disjointed Scope of the problem is not even known Significant engineering challenges NSF STC Review December 1, 2018

Download ppt "TRUST:Team for Research in Ubiquitous Secure Technologies"

Similar presentations

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Understand Database Security Concepts

Understand Database Security Concepts
Making CHASE Mainstream Robert DeLine Microsoft Research CHASE Workshop, ICSE 2009.

Making CHASE Mainstream Robert DeLine Microsoft Research CHASE Workshop, ICSE 2009.
Choosing SATE Test Cases Based on CVEs Sue Wang October 1, 2010 The SAMATE Project 1SATE 2010 Workshop.

Choosing SATE Test Cases Based on CVEs Sue Wang October 1, 2010 The SAMATE Project 1SATE 2010 Workshop.
Assurance through Enhanced Design Methodology Orlando, FL 5 December 2012 Nirav Davé SRI International This effort is sponsored by the Defense Advanced.

Assurance through Enhanced Design Methodology Orlando, FL 5 December 2012 Nirav Davé SRI International This effort is sponsored by the Defense Advanced.
Software Security Growth Modeling: Examining Vulnerabilities with Reliability Growth Models Andy Ozment Computer Security Group Computer Laboratory University.

Software Security Growth Modeling: Examining Vulnerabilities with Reliability Growth Models Andy Ozment Computer Security Group Computer Laboratory University.
Sound and Precise Analysis of Web Applications for Injection Vulnerabilities Gary Wassermann Zhendong Su.

Sound and Precise Analysis of Web Applications for Injection Vulnerabilities Gary Wassermann Zhendong Su.
Software Reliability Methods Sorin Lerner. Software reliability methods: issues What are the issues?

Software Reliability Methods Sorin Lerner. Software reliability methods: issues What are the issues?
COCOMO II Database Brad Clark Center for Software Engineering Annual Research Review March 11, 2002.

COCOMO II Database Brad Clark Center for Software Engineering Annual Research Review March 11, 2002.
Software Engineering Tools and Methods Presented by: Mohammad Enamur Rashid(2009-1-96-04) Mohammad Rashim Uddin(2009-1-96-008) Masud Ur Rahman(2009-1-96-009)

Software Engineering Tools and Methods Presented by: Mohammad Enamur Rashid( ) Mohammad Rashim Uddin( ) Masud Ur Rahman( )
An Introduction to Software Engineering

An Introduction to Software Engineering
PROGRAMMING IN VISUAL BASIC.NET INTRODUCTION TO VISUAL BASIC.NET Bilal Munir Mughal 1 Chapter-1.

PROGRAMMING IN VISUAL BASIC.NET INTRODUCTION TO VISUAL BASIC.NET Bilal Munir Mughal 1 Chapter-1.
Software Testing Life Cycle

Software Testing Life Cycle
Make sure your work looks professional and neat. Pages should be busy, but readable. Nothing under 10 font. Use technical language whenever possible. Make.

Make sure your work looks professional and neat. Pages should be busy, but readable. Nothing under 10 font. Use technical language whenever possible. Make.
Software Models (Cont.) 9/22/2015ICS 413 – Software Engineering1 -Component-based software engineering -Formal Development Model.

Software Models (Cont.) 9/22/2015ICS 413 – Software Engineering1 -Component-based software engineering -Formal Development Model.
1 1 Vulnerability Assessment of Grid Software Jim Kupsch Associate Researcher, Dept. of Computer Sciences University of Wisconsin-Madison Condor Week 2006.

1 1 Vulnerability Assessment of Grid Software Jim Kupsch Associate Researcher, Dept. of Computer Sciences University of Wisconsin-Madison Condor Week 2006.
Joomla An Open Source Content Management System. Scope of Workshop Definition and background of Joomla Explanation of Joomla’s abilities and strengths,

Joomla An Open Source Content Management System. Scope of Workshop Definition and background of Joomla Explanation of Joomla’s abilities and strengths,
CSC-682 Cryptography & Computer Security Sound and Precise Analysis of Web Applications for Injection Vulnerabilities Pompi Rotaru Based on an article.

CSC-682 Cryptography & Computer Security Sound and Precise Analysis of Web Applications for Injection Vulnerabilities Pompi Rotaru Based on an article.
Vigilante: End-to-End Containment of Internet Worms Authors : M. Costa, J. Crowcroft, M. Castro, A. Rowstron, L. Zhou, L. Zhang, and P. Barham In Proceedings.

Vigilante: End-to-End Containment of Internet Worms Authors : M. Costa, J. Crowcroft, M. Castro, A. Rowstron, L. Zhou, L. Zhang, and P. Barham In Proceedings.
Functions, Procedures, and Abstraction Dr. José M. Reyes Álamo.

Functions, Procedures, and Abstraction Dr. José M. Reyes Álamo.

Similar presentations

Ads by Google