Knox(Yue) Liu

Software Security

Motivation: Modern software systems are increasingly complex and interconnected, making them vulnerable to various security threats. Ensuring the security and reliability of software is crucial to protect sensitive data, maintain user trust, and prevent costly breaches and attacks.

Approach: To address software security challenges, we need to develop advanced techniques for analyzing and securing software systems. Our research focuses on leveraging program analysis and learning-based approaches to identify and mitigate security risks, enhance software reliability, and protect against emerging threats. We have designed a comprehensive array of novel automated solutions, including:

Deep learning-based malware detection: We have developed innovative deep learning models to accurately detect and classify malware in Android applications. Our work includes a systematic literature review of deep learning techniques for Android malware defenses [ CSUR 22] and an explainable AI approach to understanding why these models perform so well [ ISSRE 22].

Identifying security risks through program analysis: We have applied program analysis techniques to identify and mitigate security vulnerabilities in software systems. Our work includes valuating security risks in VSCode extensions through taint analysis (under review), and understanding and preventing data exposure in VSCode extensions (under review).

Reliability: Automated analysis for software security is essential, but program analysis often results in high false negatives, while learning-based approaches can suffer from experimental biases. For example, our research [ISSRE 22] shows that temporal sample inconsistency in the training dataset leads to over-optimistic classification performance (up to 99% F1 score and accuracy). Importantly, our results indicate that ML models classify malware based on temporal differences between malware and benign samples, rather than the actual malicious behaviors.