Software Analysis for Security: Finding Bugs in Bytecode Through Static and Dynamic Analyses; Privacy and Security in the Digital Age: Where Can the Line Be Drawn?
Dolin, Seth, School of Engineering and Applied Science, University of Virginia
Earle, Joshua, EN-Engineering and Society, University of Virginia
Graham, Daniel, EN-Comp Science Dept, University of Virginia
As all industries and activities begin to incorporate computers in one form or another, cybersecurity has become an increasingly important issue, for everybody from lawmakers and large corporations to individuals. As a result, it is imperative that we increase research and education efforts into how the security of our cyberinfrastructure can be improved, as well as ensure that our laws and regulations are up to date and realistically designed to take into account the state of the art.
Towards the end of improving cybersecurity education and research efforts, I propose a specialized course intended to teach the next generation of computer scientists the techniques necessary to identify and remediate security vulnerabilities in software through the use of static and dynamic analysis tools. By using these automated tools to locate vulnerabilities, software engineers can drastically reduce the time necessary to locate them, giving them the freedom to innovate without having to slow down the development cycle in the name of security.
Towards the end of ensuring that laws and regulations are up to date with the state of the art, I present a case study in the ways that law enforcement and large tech companies have competed to determine the limits of lawful access to encrypted data. As encryption has become necessary to safeguard our information online, it has also allowed criminal enterprises to conceal their activities and evade surveillance. As a result of this, law enforcement agencies have attempted to create legislation that would force tech companies to build so-called “backdoors” into their encryption algorithms so that they can cooperate with valid warrants. Tech companies and encryption experts have long held that encryption with special access for law enforcement is just broken encryption.
BS (Bachelor of Science)
School of Engineering and Applied Science
Bachelor of Science in Computer Science
Technical Advisor: Daniel Graham
STS Advisor: Joshua Earle
Technical Team Members; Seth Dolin
All rights reserved (no additional license for public reuse)