The ability to automatically discover security vulnerabilities has been coveted since Martin Bishop's team found the black box in the 1992 film "Sneakers." Automatic exploit generation research coming out of academia demonstrates that we're getting close, and DARPA's Cyber Grand Challenge announcement indicates that we want it bad. Behind the facade of automatic program analysis is a lot of arduous computer theory and discrete math. But automatic analysis is supposed to make vulnerability research easier, not harder!
This talk will begin with a brief history of program analysis: how manual analysis techniques slowly turned into automatic ones, and how we started automatically discovering vulnerabilities and reasoning about code. Next, I'll demonstrate the current landscape of program analysis: how you can use existing program analysis tools and techniques to automatically find vulnerabilities in almost anything. Finally, I'll discuss the state of the art of program analysis: how minor changes to existing projects and small scripts (less than 100 lines) built on existing libraries can yield world-class vulnerabilities. The talk will include several practical code examples and demos and will be accompanied by online reference material.
Julian Cohen is a faculty member at NYU Engineering, where he teaches Manual and Automatic Program Analysis. Julian is best known for running NYU Engineering's ISIS Lab from 2010 to 2013. During his tenure there, he developed its internationally recognized Hack Night training program, revamped the CSAW CTF competition into one of the largest security competitions in the world, and mentored undergraduate and graduate students in developing practical security research. In the little free time he has, Julian enjoys finding vulnerabilities in software using novel program analysis techniques.