Distinguished Lecture: How to make YOUR computer more secure than the Internet?
Wenke Lee: John P. Imlay Jr. Chair and Professor of Computer Science, Georgia Tech
Abstract. For the past several decades, we have been hard at work developing techniques for finding and fixing security bugs. In this talk, I will first briefly discuss some recent advances include fuzzing and ML-based program analysis.
While the newer techniques can in theory scale better and find bugs faster, they are still no match for the growing scale/volume and complexity of modern-day software. A typical software vendor wants to sell the same copy of its software to all its customers. Modern-day software often contains third-party modules, including free, open-source codes that have not been maintained adequately. As a result, not only modern-day software has more bugs, but the same exploit is likely to compromise all computers that install the same version of software.
I argue that we should take a complementary approach. In addition to just finding/fixing bugs, we should tailor/customize software to suit each user’s needs. That is, each user’s version/instance of the software needs not to be the same as everyone else's, so that the same exploit will not compromise all instances. In this talk, I will also describe our recent work towards customizing and securing software, and ultimately, making YOUR computer more secure than the Internet.
Bio. Wenke Lee is a John P. Imlay Jr. Chair and Professor of Computer Science at Georgia Tech. His research interests include systems and network security, malware analysis, applied cryptography, and machine learning. He received his Ph.D. in Computer Science from Columbia University and is an ACM Fellow and an IEEE Fellow.