“Quantifying Information Leakage Using Model Counting and Symbolic Execution”


Event Details
Thursday, October 22, 2020
Talk:
1:30–2:30 p.m., Zoom

Reception:
N/A, N/A

Tevfik Bultan, Ph.D.

Professor, University of California, Santa Barbara (UCSB)

Abstract

A crucial problem in computer security is detecting information leakage via side channels. Information gained by observing non-functional properties of program executions (such as execution time or memory usage) can enable attackers to infer secret information accessed by the program. In this talk, I will discuss how symbolic execution, combined with a model counting constraint solver, can be used for detecting and quantifying side-channel leakage in programs, and also for identifying input sequences that can be used to recover secrets. I will also discuss how we implemented this approach by extending symbolic execution with our model counting constraint solver ABC.

Speaker Bio

Tevfik Bultan is a professor and the chair of the Computer Science Department at the University of California, Santa Barbara (UCSB). His research interests are in software verification, program analysis, software engineering, and computer security. He co-chaired the program committees of the 20th International Symposium on the Foundations of Software Engineering (FSE 2012), the 28th IEEE/ACM International Conference on Automated Software Engineering (ASE 2013), and the 41st ACM/IEEE International Conference on Software Engineering (ICSE 2019). He was the general chair of the 2017 ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2017). He has been an Associate Editor of the IEEE Transactions on Software Engineering (TSE) and the ACM Transactions on Software Engineering (TOSEM). He received a NATO Science Fellowship from the Scientific and Technical Research Council of Turkey (TUBITAK) in 1993, a Regents’ Junior Faculty Fellowship from the University of California, Santa Barbara in 1999, a Faculty Early Career Development (CAREER) Award from the National Science Foundation in 2000, the ACM SIGSOFT Distinguished Paper Award and the Best Paper Award at the 20th IEEE/ACM International Conference on Automated Software Engineering (ASE 2005), the ACM SIGSOFT Distinguished Paper Award at the 29th IEEE/ACM International Conference on Automated Software Engineering (ASE 2014), and the UCSB Academic Senate Outstanding Graduate Mentor Award in 2016. He was recognized as an ACM Distinguished Scientist in 2016.