End System Security
This area includes tools and methods for building software artifacts, servers, and networks that are resistant to attacks and failures. It covers research into vulnerability assessment and identification, programming languages and tools for secure programming, mobile code and "sandboxes," proof-carrying systems, trusted embedded systems, resilient server architectures, protection against malicious software, dynamic reconfiguration of systems, hardware architecture design, fault-tolerance, code tamperproofing, and penetration testing. Research into more secure operating systems and database systems falls in this area, as does research into better human-computer interfaces (HCI) for security.
End System Security Projects
Assurable Configuration of Security Policies in Enterprise Networks
Principal Investigator: Sanjay Rao
Compilation Using Correct-by-Construction Program Synthesis
Principal Investigator: Benjamin Delaware
Convicting Exploitable Software Vulnerabilities: Practical Input Provenance-Based Approach
Principal Investigator: Xiangyu Zhang
Knowledge Graph Construction for Resilient, Trustworthy, and Secure Software Supply Chains
Principal Investigator: Tianyi Zhang
MicroVM: Micro Virtual Machines for Managed Languages — Abstraction, contained
Principal Investigator: Antony Hosking
Migrating Enterprises to Hybrid Cloud Architectures
Principal Investigator: Sanjay Rao
NARCISSUS: Deriving Correct-By-Construction Decoders and Encoders from Binary Formats
Principal Investigator: Benjamin Delaware
PeX: A Permission Check Analysis Framework for Linux Kernel
Principal Investigator: Changhee Jung
Rust for Embedded Systems
Principal Investigator: Aravind Machiry
Secure Group Communication Over Wired/Wireless Networks
Principal Investigator: Xukai Zou
Zero Cost Spatial Memory Safety
Principal Investigator: Aravind Machiry

