Automatic Vulnerability Discovery at Scale

Speaker: Marcel Boehme
Time: May 18, 12:45 - 14:00 (CEST)
Place: CAB G 56
Talk title: Automatic Vulnerability Discovery at Scale

Abstract:
To establish software security at scale, we need efficient automated vulnerability discovery techniques that can run on thousands of machines. In this talk, we will discuss the abundant opportunities and fundamental limitations of fuzzing, one of the most successful vulnerability discovery techniques. We will explore why only an exponential number of machines will allow us to discover software bugs at a linear rate. We will discuss the kind of correctness guarantees that we can expect from automatic vulnerability discovery, anywhere from formally proving the absence of bugs to statistical claims about program correctness. We shall touch upon unexpected connections to ecological biostatistics and information theory which allow us to address long-standing scientific and practical problems in automatic software testing. Finally, we will take a forward-looking view and discuss our larger vision for the field of software security.

Bio: 
Marcel Böhme leads the Software Security research group at the Max Planck Institute for Security and Privacy (MPI-SP) in Germany. Previously, he was a Senior Lecturer at Monash University in Australia and a PostDoc at the TSUNAMi Security Research Centre in Singapore and the CISPA-Helmholtz Zentrum in Germany. Marcel received his PhD from the National University of Singapore. His current research interest is the automatic discovery of security flaws at very large scale. One part of his group develops the probabilistic foundations of automatic software testing (i.e., finding bugs by generating executions) to elucidate fundamental limitations of existing techniques and to explore the assurances that software testing provides when no bugs are found. The other part of his group develops practical vulnerability discovery tools that are widely used in software security practice. For instance, Entropic is the default power schedule in LibFuzzer, which powers the largest fuzzing platforms at Google and Microsoft, fuzzing hundreds of security-critical projects on 100k machines 24/7. His tools have discovered 100+ bugs in widely-used software systems, more than 70 of which are security-critical vulnerabilities registered as CVEs at the US National Vulnerability Database.
