<![CDATA[SCS Talk: Xi Wang, Massachusetts Institute of Technology]]>

273841 event 1391545647 1475892404 <![CDATA[SCS Talk: Xi Wang, Massachusetts Institute of Technology]]> SPEAKER:
Xi Wang, Massachusetts Institute of Technology

TITLE:

How Compiler Optimizations Make Our Systems Vulnerable: Understanding and Mitigating a New Class of Security Bugs

ABSTRACT:

Software bugs introduce security vulnerabilities into our computer systems. To understand and mitigate an increasing number of bugs, practitioners categorize them into classes, such as buffer overflow or SQL injection, and handle each class separately.

This talk introduces a new class of bugs called unstable code: code that is unexpectedly discarded by compiler optimizations due to undefined behavior in the program. I will discuss its prevalence and security impact in systems, and present a systematic approach for reasoning about unstable code, as well as a static checker called Stack that implements this approach to precisely identify unstable code in real systems. Applying Stack to widely used software has uncovered 160 new bugs that have been confirmed and fixed by developers. It has also been adopted by several companies to scan their code bases.

BIO:

Xi Wang is a PhD candidate in Computer Science at MIT, advised by M. Frans Kaashoek and Nickolai Zeldovich. His research interests are in building secure and reliable systems. He was awarded a Best Paper Award at SOSP 2013, a Best Student Paper Award at EuroSys 2008, and an MIT Jacobs Presidential Fellowship in 2008.

]]> 273561 image <![CDATA[Xi Wang, Massachusetts Institute of Technology]]> 198703 image/jpeg For more information, please contact Calton Pu at calton@cc.gatech.edu or 404-385-1106.

]]> <![CDATA[]]> 47223 1795