SCS Recruiting Seminar: Fish Wang

Event Details
  • Date/Time:
    • Thursday February 22, 2018 - Friday February 23, 2018
      11:00 am - 11:59 am
  • Location: KACB 1116W
  • Phone:
  • URL:
  • Email:
  • Fee(s):
  • Extras:

Tess Malone, Communications Officer


Summary Sentence: Fish Wang gives talk.

Full Summary: No summary paragraph submitted.

  • Fish Wang Fish Wang

TITLE: Enhancing the Discovery and Mitigation of Vulnerabilities in Binary


In the computing landscape of the modern world, our devices and systems, including PCs, servers, industrial control systems, and smart/embedded devices, are increasingly relying on programs for which the source code is unavailable to end users, security analysts, and even manufacturers ­­— termed “binary programs.” Oftentimes, binary programs are not fully secure, and through these devices and systems, vulnerabilities in binaries may have a broad impact on society. Because of the intrinsic complexity of programs, the discovery and mitigation of vulnerabilities in binaries is generally viewed as a difficult task. It is only more difficult due to the loss of information, especially semantics, through compilation and optimization.

In this talk, I will present my research on improving the discovery and mitigation of vulnerabilities in binaries without requiring source code. I approach this goal from different angles. I will first discuss improvements on traditional vulnerability discovery techniques, such as fuzz testing, by complementing them with assistance from either symbolic execution engines or intelligence from non-expert humans. I will then showcase a novel technique for static binary rewriting with extremely low overhead, which greatly reduces the performance impact of vulnerability mitigation and program hardening on binaries. These techniques are built upon the angr binary analysis platform, which I co-founded and maintain to help foster the future of binary analysis.



Ruoyu (Fish) Wang is a Ph.D. candidate in the SecLab of the Department of Computer Science at the University of California, Santa Barbara, being advised by Professors Giovanni Vigna and Christopher Kruegel. His research focuses on system security, especially on automated binary program analysis and reverse engineering of software. He is the co-founder and a core developer of the binary analysis platform angr. He is a core member of the CTF team Shellphish and the CGC team Shellphish CGC, with whom he won the third place in the Final Event of the DARPA Cyber Grand Challenge in 2016.

Additional Information

In Campus Calendar

College of Computing, School of Computer Science

Invited Audience
Faculty/Staff, Public, Graduate students, Undergraduate students
Fish Wang, binaries, Cybersecurity, lecture
  • Created By: Tess Malone
  • Workflow Status: Published
  • Created On: Feb 15, 2018 - 10:24am
  • Last Updated: Feb 15, 2018 - 10:25am