Venkat Venkatakrishnan

Associate Professor of Computer Science 

Time: 12:00 

Date: Wed, 29 Nov 

Room: 1000 SEO 

Abstract 

Despite the wide availability of documentation and literature on well known security vulnerabilities in programs, we continue to see their increase every year. A simple google code search reveals several hundreds of open source programs that are vulnerable to SQL injection, a much publicized vulnerability (currently #1 oncve.mitre.org). Despite widespread media attention on security incidents, literature and textbooks on best practices, the problem of educating developers on preventing security vulnerabilities still remains a concern. In this talk, I will discuss an alternative approach that is based on building program transformation tools that automatically fix / repair vulnerable programs. Such tools, when integrated with development / testing platforms, offer a great deal of promise towards eliminating security vulnerabilities in programs. I will talk about TAPS, a tool that automatically repairs applications that have SQL injection vulnerabilities. Time permitting, I will also do some live demos. 

(Joint work with Prithvi Bisht and A. Prasad Sistla) 

Host: Jon A. Solworth

Associate Professor Computer Science Department