"Security Agents"

Computer Science Professors Tevfik Bultan (CE) and Giovanni Vigna take complementary approaches to data defense (COE Convergence Magazine)


Security breaches have become a daily fact of life in the Digital Age, and large-scale attacks can compromise millions of users’ personal information, as has happened at Equifax (143 million accounts), eBay (145 million), Facebook (up to 50 million in September), and Yahoo, where 3 billion accounts were put at risk. The important role of the Internet in national infrastructure, including the power grid, air-traffic-control systems, and financial networks, has made it the target of sophisticated attacks as well.

Digital security break-ins cost approximately $109 billion in the United States in 2016, and are estimated to cost between $375 billion and $575 billion per year worldwide. Small wonder that governments and industry are committing enormous resources to gain the upper hand in the data-theft wars. Often, such entities work with university researchers like Tevfik Bultan and Giovanni Vigna. Part of a formidable group of professors in the Computer Science Department at UC Santa Barbara’s College of Engineering, they take complementary approaches to security work.

Bultan’s approach reflects what he describes on his Verification Laboratory (VLab) website as “an ongoing shift in focus from performance to dependability,” reflecting the fact that “the size and complexity of the software systems nowadays inevitably lead to errors during both design and implementation phases” — errors that can cause vulnerabilities that compromise data.

He works primarily on two security fronts: automating the process of finding vulnerabilities in software, and trying to develop hackproof software by proving that it has no vulnerabilities. Vigna comes at security from the opposite perspective, seeking to find and exploit vulnerabilities in applications before they are deployed. Both share the goal of enabling programmers to make their products more secure.

“I think Tevfik works more on making sure that a program cannot misbehave, while we look for ways to make a program misbehave,” Vigna says. “He wants to be able to prove that bad things can’t happen. It’s like going back to the origins of software engineering, where you have formal verification and you say, ‘I’m going to prove that when the elevator door is open, there is no way that an elevator car will not be in front of the door.’ We’re more on the hacker side, saying, ‘How can we screw up this elevator?’ But sometimes Tevfik does what we do, and sometimes we do what he does. The two approaches are closely related.”

Much of the work Bultan refers to as “finding exploits” is done manually, but he prefers to automate the time-consuming process of identifying vulnerabilities by taking what is called a formal-methods approach. “We extract a math-based formal-logic representation of the software and then build logic solvers — software that can analyze the logic formulas,” he explains.

In application, the importance of his formal-methods work is reflected in a pair of grants he received recently — one from Amazon and another from the National Science Foundation — to address security issues with cloud computing services such as Amazon Web Services, Inc.
