Cybersecurity Speaker Series: Rode0day: A continuous bug-creating and finding competition
Title: Cybersecurity Speaker Series: Rode0day: A continuous bug-creating and finding competitionSpeaker: Tim Leek, Technical Staff, Cyber System Assessments Group, MIT Lincoln LaboratoryLocation: Northeastern University, 805 Columbus Avenue, 655 Interdisciplinary Science and Engineering Complex (ISEC), Boston, Massachusetts 02120AbstractThis summer, we launched Rode0day, a continuous bug-finding competition designed to improve understanding of bugs and bug-finding. Using automated vulnerability injection, we add hundreds of new bugs to programs every month and challenge competitors to find as many as they can. Competitors are awarded points for generating inputs that trigger a bug, causing the program to crash. At the end of each competition, we release an answer-key containing crashing inputs for each injected bug. It is our hope that this monthly infusion of ground truth into the research and practice community will stimulate better understanding of what works, and why, in bug finding. In this talk, I will detail some of the technical aspects of the automated vulnerability injection technique used in Rode0day, but will also discuss the structure of this competition and present preliminary results.About the SpeakerMr. Tim Leek joined the BMDS Integration Group at Lincoln Laboratory in 2001, investigating machine learning techniques for building decision architectures. In 2003, he joined what is now the Cyber System Assessments Group at Lincoln Laboratory. His research interests range from reverse engineering to bug finding and exploitation, using a combination of static and dynamic analysis, as well as machine learning.Prior to joining the Laboratory, Mr. Leek worked as a technical writer for U.S. Surgical Corp, as a scientific programmer at Yale University, and as a systems administrator at the Salk Institute for Biological Studies in La Jolla, California. He then entered a PhD program in computer science at the University of California, San Diego, leaving after a year with an MS degree. In 1997, he joined Bolt Beranek and Newman, where he applied statistical methods to information retrieval, topic detection and tracking, machine translation, and summarization.Mr. Leek received a BS degree in physics and a BA degree in English from the University of Connecticut in 1991, and the aforementioned MS degree in computer science from the University of California, San Diego.
Thursday, October 25, 2018 at 2:00pm