We conduct research on a wide range of topics on systems and Internet security to develop techniques and tools aimed at prevention and detection of cyber attacks.

Research Areas

  • Web Security

    We focus on vulnerability analysis and detection of web applications using static and dynamic code analysis, formal methods, and ideas from compilers and OSs

  • Mobile Security

    We focus on vulnerability analysis of mobile apps and mobile malware analysis

  • Cybercrime

    We focus on automated analysis of for-crime software to understand their behavior and build effective defenses

  • Advanced Threats

    We investigate robust techniques to analyze and detect advanced persistent threats


CHESS: Computers and Humans Exploring Software Security

The CHESS project seeks to scale analysis of programs to find vulnerabilities, exploits, and patches with the help of human users.

Go to Project