来源： 计算机学院 | 发表时间： 2021-11-20 | 浏览次数： 1670
报告题目：Software Vulnerability Detection: From Fuzzing to Deep Learning
报告人：Prof. Yang Xiang （项阳）
地点：腾讯视频会议线上报告（ID：175 425 291）
Professor Yang Xiang received his PhD in Computer Science from Deakin University, Australia. He is currently a full professor and the Dean of Digital Research, Swinburne University of Technology, Australia. His research interests include cyber security, which covers network and system security, data analytics, distributed systems, and networking. In the past 20 years, he has been working in the broad area of cyber security, which covers network and system security, AI, data analytics, and networking. He has published more than 300 research papers in many international journals and conferences. He is the Editor-in-Chief of the SpringerBriefs on Cyber Security Systems and Networks. He serves as the Associate Editor of IEEE Transactions on Dependable and Secure Computing, IEEE Internet of Things Journal, and ACM Computing Surveys. He served as the Associate Editor of IEEE Transactions on Computers and IEEE Transactions on Parallel and Distributed Systems. He is the Coordinator, Asia for IEEE Computer Society Technical Committee on Distributed Processing (TCDP). He is a Fellow of the IEEE.
Cyber security has become one of the top priorities in the research and development agenda globally today. New and innovative cyber security technologies that can effectively address this pressing danger are critically needed. Data-driven and system approaches to solve cyber security problems have been increasingly adopted by the cybersecurity research community. They have two areas of focus: detection and prediction of cyber threats. Recently, there have been significant efforts to detect software vulnerabilities. New methods and tools, consequently, must follow up to adapt to this emerging security paradigm.
In this talk, we introduce the current research and trend in the software vulnerability detection research. Then we will present a series of novel approaches to deal with the vulnerability issues, such as the fuzzing, deep learning, and the combined approach to improve the effectiveness of the detection. The focus of the fuzzing approach is on automatic black-box fuzzing especially for firmware; and the focus of the deep learning approach is to reduce the training samples and improve the detection rate.