CSE Colloquium: Zhen Huang

Speaker: Zhen Huang, Pennsylvania State University

Date: Friday, May 10

Time: 11-12pm

Location: HBL 1947 Room

Title: Automatically Mitigating and Fixing Software Vulnerabilities

Abstract: With the rise of smart phones and IoTs, computer systems have become an indispensable part of our lives. Our reliance on computer systems make software security extremely important. However, software security is continuously threatened by software vulnerabilities, because exploiting software vulnerabilities can compromise computer systems and drastically increase the scale and speed of security attacks. While it is ideal to fix software vulnerabilities, creating a correct fix takes time and leaves a window for adversaries to exploit them. In this talk, I will demonstrate the need for automatic solutions to address software vulnerabilities with a study on the life cycle and complexity of real-world security patches, and present tools that I have built to mitigate and fix real-world software vulnerabilities. These tools leverage novel program analysis techniques to address two main challenges: 1) mitigating a large number of software vulnerabilities rapidly and safely, and 2) generating correct security patches for complex software vulnerabilities. I will conclude this talk with future directions of my research.

Biography: Zhen Huang is a postdoc scholar in the Department of Computer Science and Engineering at Pennsylvania State University. He earned his Ph.D from the Department of Electrical & Computer Engineering at University of Toronto in 2018. His research focuses on using program analysis to automatically mitigate and fix software vulnerabilities.