I will share our past experience in developing precise and scalable software security analysis techniques for analysing large-scale software. I will start with some real-world software vulnerabilities, and then introduce the background knowledge of static and dynamic program analysis. After that, I will present our past research projects, particularly SVF (https://github.com/SVF-tools/SVF), an open-source framework based on a years-long effort. Next, I will introduce our recent experience in learning-based software security analysis. Finally, I will discuss some future research opportunities.
Yulei Sui is a Senior Lecturer at School of Computer Science, University of Technology Sydney (UTS). He is broadly interested in Program Analysis, Secure Software Engineering and Machine Learning. In particular, his research focuses on building fundamental static and dynamic analysis techniques and tools to improve the reliability and security of modern software systems. His recent interest lies at the intersection of programming languages, natural languages and machine learning. Specifically, his current research projects include secure machine learning, program analysis for bug detection and repair through data mining and deep learning.