Visible to the public Keynote: Sailing the Seas of the Science of Security


Research is difficult. As fresh graduate students, we are thrust into the research depths without so much as a life vest. We're expected to learn to tread water, then to swim, then to make it to shore, just in time to throw the next generation of researchers right into the deep end! Though, arguably, this rite of passage is an important step in the life of a researcher, this journey should not be as lonely and uncertain as it often is. In this talk, I will try to shed light on the process by describing my personal journey of contributing to the Science of Security and attempting to convey the lessons I learned along the way to doing applied (and applicable!) security research. Though the talk will be through the lens of my specific research area, the lessons therein will hopefully be useful to any future researchers finding themselves in the uncertain depths of research.


Yan Shoshitaishvili is an Assistant Professor at Arizona State University, where he pursues parallel passions of cybersecurity research, real-world impact, and education. His research focuses on automated program analysis and vulnerability detection techniques. Aside from publishing dozens of research papers in top academic venues, Yan led Shellphish's participation in the DARPA Cyber Grand Challenge, achieving the creation of a fully autonomous hacking system that won third place in the competition.

Underpinning much of his research is angr, the open-source program analysis framework created by Yan and his collaborators. This framework has powered hundreds of research papers, helped find thousands of security bugs, and continues to be used in research labs and companies around the world.

Creative Commons 2.5

Keynote: Sailing the Seas of the Science of Security
Switch to experimental viewer