Title: Scaling up Binary Analysis through Knowledge-oriented Techniques
Speaker: Prof. Zhenkai Liang
Abstract: Binary analysis is a fundamental technique in software and system security. It has a wide range of applications, such as vulnerability discovery, attack response, malware analysis, and software testing and debugging. Due to the lack of high-level semantics and complex program behaviors, it is challenging for binary analysis solutions to scale up to large real-world binaries in practice. Existing solutions are often task-driven and bounded by a practical time limit, which hinders comprehensively understanding of binaries. Furthermore, it is difficult to integrate the knowledge generated from different solutions. In this talk, we discuss our solutions, reflections, and ongoing efforts in scaling up binary analysis in a knowledge-oriented manner. We believe knowledge accumulation is the key to scale up binary analysis, where binary analysis solutions generate understandings that can be shared and reused in other solution. Our investigation includes techniques for knowledge extraction, tools for knowledge integration, and platforms for knowledge accumulations and sharing. The accumulated knowledge not only allows broader and deeper analysis into binaries, it also enables emerging data-driven and learning techniques to be effectively adopted in binary analysis tasks.
Dr. LIANG Zhenkai is an Associate Professor of the School of Computing, National University of Singapore (NUS). His main research interests are in system and software security, web security, mobile security, and program analysis. He has served as the technical program committee members of many system security conferences, including the ACM Conference on Computer and Communications Security (CCS), USENIX Security Symposium and the Network and Distributed System Security Symposium (NDSS). He is also an associate editor of the IEEE Transaction on Dependable and Secure Computing. As a co-author, he received the Best Paper Award in ICECCS 2014, the Best Paper Award in W2SP 2014, the ACM SIGSOFT Distinguished Paper Award at ESEC/FSE 2009, the Best Paper Award at USENIX Security Symposium 2007, and the Outstanding Paper Award at ACSAC 2003. He also won the Annual Teaching Excellence Award of NUS in 2014 and 2015. He received his Ph.D. degree in Computer Science from Stony Brook University in 2006, and B.S. degrees in Computer Science and Economics from Peking University in 1999.