CS&E Colloquium: Principled and Practical Approaches to Secure Modern Open-Source Systems

The computer science colloquium takes place on Mondays from 11:15 a.m. - 12:15 p.m. 

This week's speaker, Kangjie Lu (CS&E), will be giving a talk titled "Principled and Practical Approaches to Secure Modern Open-Source Systems".

Abstract

Open-source software is everywhere and has become the backbone of today’s cyber world. In particular, systems software such as operating-system kernels and browsers is arguably the most important one. Modern systems have become extremely large and complex, often containing millions of lines of code written in unsafe programming languages. As a result, they are unfortunately buggy, and a single security bug (or vulnerability) may compromise the whole system. In this talk, I will discuss how to (and why we should) secure modern system software using an overarching, three-pronged approach: program understanding and reasoning, secure-by-design principles and defense, and continuous security assurance. For each part of the approach, I will specifically share our recent accomplishments. At last, I will conclude by discussing some challenging but exciting research opportunities for future work.

Biography

Dr. Kangjie Lu is an assistant professor in the Computer Science & Engineering Department of the University of Minnesota-Twin Cities. His research interests include security and privacy, program analysis, and operating systems. He is particularly interested in developing foundational techniques that enable security mechanismsand analyses, automatically finding and eliminating classes of vulnerabilities introduced by both developers and compilers, and hardening systems while preserving their reliability and efficiency. His research results are regularly published at top-tier venues and have led to many important security updates in the Linux kernel, the Android OS, the FreeBSD kernel, Apple’s iOS, OpenSSL, PHP, etc.  He is a recipient of the NSF CAREER award 2021 and won the best paper award at ACM CCS 2019.  He received his Ph.D. in Computer Science from the Georgia Institute of Technology. More details can be found at https://www-users.cs.umn.edu/~kjlu