演讲主题:加固开源系统和其他系统的原则性和实用性方法
演讲人:卢康杰 明尼苏达大学副教授
时间:2023年8月30日(周三)14:00-15:00
地点:清华大学FIT楼3-225会议室
腾讯会议远程参与需扫描下方二维码报名
内容摘要
Open-source programs are everywhere and have become the backbone of today’s cyber world. Among them, system programs such as operating-system kernels and firmware are arguably the most critical ones, and their security may affect billions of devices and users. Modern systems have become extremely complex, often containing millions of lines of code written in unsafe programming languages. As a result, they are unfortunately insecure, and a single security bug (vulnerability) may compromise the whole system and even a large portion of the network. In this talk, I will discuss how to secure open-source systems with principled and practical approaches. I will first introduce three important properties of secure open-source systems: understandability, assurability, and sustainability. Correspondingly, I will then discuss how to achieve these properties with an overarching, three-pronged approach: program understanding and reasoning, secure-by-design defense, and sustainable security protection. In addition, I will introduce our scalable and precise large-system analysis framework that can enable various security applications.
演讲人简介
Dr. Kangjie Lu is an associate professor in the Computer Science & Engineering Department of the University of Minnesota-Twin Cities. His research interests include security and privacy, software engineering, operating systems, and security ethics. He is particularly interested in developing both principled approaches that address fundamental security problems and practical techniques that secure real-world systems. His research also frequently intersects with other fields such as machine learning and NLP, programming languages, compilers, architecture, and formal methods. His research results are regularly published at top-tier venues and have led to many important security updates in widely used software systems such as the Linux kernel, the Android OS, the FreeBSD kernel, Apple’s iOS, OpenSSL, PHP, etc. He is a recipient of the NSF CAREER award 2021 and won the best paper award at ACM CCS 2019 and a distinguished paper award at ACSAC 2022. He received his Ph.D. in Computer Science from the Georgia Institute of Technology in 2017.
扫描下方二维码报名参会