Homepage
About SEG
SEG News
SEG Seminar
Research
Tools
Internal Site
People
Publication
Curriculum
Album
Hot Link
Contact SEG
Academic lecture from Dr. Kai Chen

报告标题智能化漏洞检测与Skill的恶意行为分析

报告人陈恺

报告时间: 202098(周二) 10 : 00

报告地点线上,腾讯会议ID533 544 371


报告摘要:

Recently, AI techniques have shown great potential to strengthen the capability of traditional software analysis approaches. This talk will show how deep learning facilitates software testing and how NLP helps to analyze voice apps (skills). Firstly, we talk about fuzzing. Recently, directed grey-box fuzzing (DGF) becomes popular in the field of software testing. We propose a deep-learning-based approach to predict the reachability of inputs (i.e., miss the target or not) before executing the target program, helping DGF filtering out the unreachable ones to boost the performance of fuzzing. Evaluations on 45 real vulnerabilities show that FuzzGuard boosts the fuzzing efficiency of the vanilla AFLGo up to 17.1×. Secondly, we talk about skills. Smart speakers have been popularly used worldwide, mainly due to the convenience brought from the virtual personal assistant (VPA) which offers interactive actions through the convenient voice commands from users. However, to the best of our knowledge, there is no prior research that systematically explores the interaction behaviors of skills, mainly due to the challenges in handling skills' inputs/outputs in natural languages. We propose a systematic study on behaviors of skills and finds thousands of suspicious skills.

 

报告人简介:

陈恺,男,博士。中国科学院信息工程研究所,研究员、博士生导师,中国科学院大学教授。信息安全国家重点实验室副主任,《信息安全学报》编辑部主任。中国计算机学会系统软件专委会常委。主要研究领域包括软件与系统安全、人工智能安全。在S&PUSENIX SecurityCCS等高水平会议期刊发表论文100余篇;曾主持国家自然科学基金重点项目等40余项。入选国家万人计划青年拔尖人才、北京市杰青、北京市智源青年科学家等。