libra etd
Online Archive of University of Virginia Scholarship

Software Analysis for Security: Finding Bugs in Bytecode Through Static and Dynamic Analyses; Privacy and Security in the Digital Age: Where Can the Line Be Drawn? 301 views

Author

Dolin, Seth, School of Engineering and Applied Science, University of Virginia

Advisors

  • Earle, Joshua , EN-Engineering and Society , University of Virginia
  • Graham, Daniel , EN-Comp Science Dept , University of Virginia

Abstract

As all industries and activities begin to incorporate computers in one form or another, cybersecurity has become an increasingly important issue, for everybody from lawmakers and large corporations to individuals. As a result, it is imperative that we increase research and education efforts into how the security of our cyberinfrastructure can be improved, as well as ensure that our laws and regulations are up to date and realistically designed to take into account the state of the art. Towards the end of improving cybersecurity education and research efforts, I propose a specialized course intended to teach the next generation of computer scientists the techniques necessary to identify and remediate security vulnerabilities in software through the use of static and dynamic analysis tools. By using these automated tools to locate vulnerabilities, software engineers can drastically reduce the time necessary to locate them, giving them the freedom to innovate without having to slow down the development cycle in the name of security. Towards the end of ensuring that laws and regulations are up to date with the state of the art, I present a case study in the ways that law enforcement and large tech companies have competed to determine the limits of lawful access to encrypted data. As encryption has become necessary to safeguard our information online, it has also allowed criminal enterprises to conceal their activities and evade surveillance. As a result of this, law enforcement agencies have attempted to create legislation that would force tech companies to build so-called “backdoors” into their encryption algorithms so that they can cooperate with valid warrants. Tech companies and encryption experts have long held that encryption with special access for law enforcement is just broken encryption.

Degree

BS (Bachelor of Science)

Notes

School of Engineering and Applied Science Bachelor of Science in Computer Science Technical Advisor: Daniel Graham STS Advisor: Joshua Earle Technical Team Members; Seth Dolin

Language

English

Rights

All rights reserved (no additional license for public reuse)

Issued Date

2022-05-12

Persistent Link

https://doi.org/10.18130/c2gs-wy87

Suggested Citation

Dolin, Seth. Software Analysis for Security: Finding Bugs in Bytecode Through Static and Dynamic Analyses; Privacy and Security in the Digital Age: Where Can the Line Be Drawn?. University of Virginia, School of Engineering and Applied Science, BS (Bachelor of Science), 2022-05-12, https://doi.org/10.18130/c2gs-wy87.

Files

Dolin_Seth_Prospectus.pdf
Downloads: 129
Download
Dolin_Seth_STSResearchPaper.pdf
Downloads: 307
Download
Dolin_Seth_SociotechnicalSynthesis.pdf
Downloads: 122
Download
Dolin_Seth_TechnicalReport.pdf
Downloads: 126
Download
opens in a new window