Please visit my CV for the time being, and I will update this page and add content accordingly.
I’m currently doing a computer science PhD with a focus on information security at the University of Virginia, under the supervision of Professor Jack Davidson.
Positive Taint Inference
Currently I’m working on DNA Shotgun Sequencing and PEASOUP to build an automatic suite that protects web applications against SQL Injections (and possibly other forms of attacks caused by user input, such as XSS).
Two sub-projects were spawned from this to automate the process on a WordPress installation with 50 vulnerable plugins. They are available at WP-SQL-SINK and WP-SQLI-LAB. The former wraps WordPress sinks (i.e., functions that output data, either to a third party like the DBMS or to the user) with wrappers that, in passive mode, log the sinked data for later analysis or, in active mode, analyze it and decide on it. It also has the ability to extract all string literals from PHP code.
The latter is a WordPress lab which installs WordPress 3.8 along with 50 vulnerable plugins and automates exploiting those plugins using only user interactions (HTTP requests), so that one can figure out how many of the exploits were prevented or detected by the algorithms.
I also tested the nlearn tool by Prof. Sekar from Stony Brook on this, and am trying to get past its weaknesses using DNA Shotgun Sequencing of string literal fragments inside the PHP code.
Although this experiment is done on WordPress and PHP, it can be extended to any software and any programming language.
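A minimal sketch of the positive taint inference idea behind the sink wrappers, added here as an illustration and not taken from WP-SQL-SINK: characters of a query that match string literals extracted from the program are treated as trusted, and any structure-changing SQL token outside the trusted regions is reported (passive mode) or blocked (active mode). The literal list, the token list and all function names are assumptions made for this example.

```python
import re

# Constructed sample: string literals as they might be extracted from plugin source.
LITERALS = [
    "SELECT id, title FROM wp_posts WHERE author = '",
    "' AND status = 'publish'",
    " ORDER BY ",
    "title", "date",
]

# Assumed set of tokens that change query structure: comment markers, quotes,
# operators and a handful of keywords.
CRITICAL = re.compile(
    r"--|/\*|\*/|#|[';=<>()]|\b(?:SELECT|UNION|FROM|WHERE|AND|OR|ORDER|BY|"
    r"INSERT|UPDATE|DELETE|DROP|INTO|VALUES|SLEEP|LIKE)\b",
    re.IGNORECASE,
)

def trusted_mask(query, literals, min_len=3):
    """Mark every character of query covered by an occurrence of a program literal."""
    mask = [False] * len(query)
    for lit in literals:
        if len(lit) < min_len:
            continue  # very short literals match almost anywhere, so skip them
        start = query.find(lit)
        while start != -1:
            mask[start:start + len(lit)] = [True] * len(lit)
            start = query.find(lit, start + 1)
    return mask

def untrusted_critical_tokens(query, literals):
    """Return critical tokens that are not fully covered by program literals."""
    mask = trusted_mask(query, literals)
    return [m.group(0) for m in CRITICAL.finditer(query)
            if not all(mask[m.start():m.end()])]

def check_sink(query, literals, active=False, log=None):
    """Sink wrapper body: passive mode logs the finding, active mode blocks the query."""
    bad = untrusted_critical_tokens(query, literals)
    if log is not None:
        log.append((query, bad))
    if bad and active:
        raise PermissionError(f"blocked query, untrusted tokens: {bad}")
    return bad

def build_query(author, order="title"):
    """Constructed stand-in for plugin code that concatenates user input."""
    return LITERALS[0] + author + LITERALS[1] + LITERALS[2] + order
```
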
Another research project I’m working on is embedding the NIST Level 2 Extended Role Based Access Control implementation using nested sets into different applications. For now I’ve successfully made it work as a PHP Library, as well as an Ubuntu Linux RBAC Kext (LRBAC) which defines policies on binary execution.
I’m also interested in (and actively thinking about, but not working heavily on) some applications of cryptography, especially those focused on digital signatures, and also the idea of materializing digital entities.