• Software almost always has bugs. Many of these bugs cause serious problems such as software crash and leaking sensitive user information. To fix these bugs, software engineers have been fighting an endless battle with bugs. The cost of this battle is enormous--2 billion per year globally as of 2012 according to Cambridge University research (in comparison, the GDP of Singapore is 8 billion as of 2014). This high cost is due to that software developers spend about 50% of their time debugging. To reduce this high cost, debugging needs to be automated. In this regard, we are conducting research on automated program repair.
    Read More
  • Software environments typically depend on implicit sharing of binaries where binaries are created, loaded/executed and updated dynamically which we call the binary lifecycle. Windows is one example where many attacks exploit vulnerabilities in the binary lifecycle of software. We propose a family of binary integrity models with a simple and easy to use trust model, to help protect against such attacks.
    Read More
  • Web Applications today are prone to a plethora of vulnerabilities, which can be hard to detect and path. Cross-site Scripting, for instance, is one of the most prevalent forms of code-injection web vulnerabilities, and has few known practical defenses. We analyzed nearly a quarter million URLs from the Alexa Top 1000 sites in 2015, and found over 820 confirmed vulnerabilities. Our research prototype, DexterJS, automatically synthesizes patches for all these bugs. The auto-patched web sites provably eliminate the vulnerability and have low performance overheads
    Read More
  • Single Sign-On (SSO) services developed by major commercial service providers like Facebook, Google and Twitter, have been widely used by web-based service providers as an alternative authentication scheme. Despite rich research focussing on browser-based web applications, little has been conducted on the implementation of SSO on mobile platforms. However, we reveal that due to the fundamental difference of isolation mechanism in mobile OS and applications from the origin-based isolation in browsers, the SSO encounters a novel attack surface and adversarial models. Our study has successfully identified a major vulnerability, which allows an attacker to steal authentication credentials from victims and log into their Facebook accounts.
    Read More