Computer Science Department Seminar

11:30AM-12:30PM, Wednesday, November 10, 2010

Prof. R. Sekar, Stony Brook University

Title: Common Software Vulnerabilities and Techniques for Preventing Their Exploitation


Software vulnerabilities have been the biggest culprit behind cyber attacks in the past several years. A handful of vulnerabilities, such as buffer overflows, SQL injection, command injection, and cross-site scripting have come to dominate. Although these vulnerabilities are well understood and documented, their numbers seem to continue to escalate from one year to the next. In this talk, I will describe these vulnerabilities and recent trends in their prevalence and exploitation. I will then describe several techniques that we have developed to block exploitation of most of these vulnerabilities. Our defenses typically rely on a combination of program analysis, program transformation, runtime monitoring, and policy enforcement techniques. They have proven to be effective against most common exploits, and have low impact on performance.


R. Sekar ( is a Professor of Computer Science and the Director of the Secure Systems Laboratory ( and the Center for Cybersecurity ( at Stony Brook University. He has a Bachelor's degree in Electrical Engineering from IIT, Madras (India) and a Ph.D. in Computer Science from Stony Brook. He then served as a Research Scientist in Networking Research at Bellcore. After five years, he moved to Iowa State University, and then subsequently to Stony Brook. Sekar's research interests are focused on computer security, with specialization in attack detection, prevention, containment, response, and recovery; mobile and untrusted code security; malware; security policies and enforcement; anomaly detection; vulnerability analysis; and testbeds for network security experiments. His research has been supported by AFOSR, DARPA, NSF, ONR, State of New York, and industry sponsors.

For more information about this colloquium, please contact Habib M. Ammari at