Past Research

  • Software Security

Most of my prior work on software and system security is related to automatic program analysis for vulnerability detection and malware protection. For example, we proposed a black-box exploit prevention technique called packet vaccine that quickly detects exploit attempts on software and automatically generates signatures to shield the underlying software vulnerabilities without reliance on its source and binary code. Other examples include our analysis of information leaks from Linux process file systems, and new techniques for efficient dynamic runtime malware scanning, automatic reverse engineering of program security configuration, secure remote error analysis and spyware containment. More recently, we started working on the security challenges in smart-phone systems and software.

  • Game-Theoretic Incentive Engineering

When I was a PhD student at Carnegie Mellon, I spent a lot of time on AI and game theory, working on problems such as learning in games and mechanism design (see my old papers [1, 2]). After joining academia, I moved on to system/data security, but my interest in game theory remains, particularly when the theory can help address some security-related issues. This happens, for example, when you need to encourage an honest but inadvertent insider to follow the best practices, avoiding shortcuts that may endanger her organization’s security protection.