Cybersecurity Seminar Series: Ben Holland


November 7, 2016    
11:00 am - 12:00 pm


2222 Coover Hall
Coover Hall, Ames, Iowa, 50011

Event Type

Speaker: Ben Holland, Ph.D. Candidate, Department of Electrical and Computer Engineering, Iowa State University

Title: “Exploring the Space in Between Bugs and Malware”

Abstract: We live in an age of software problems with catastrophic consequences. An extra goto in Apple’s SSL implementation compromised certificate checks for the better part of a year. An erroneous integer conversion in the Ariane 5 launch destroyed the European Space Agency  rocket and its cargo valued at 500 million dollars. Often the problem is just a few lines of code  and looking for it is like searching for a needle in a haystack, but without knowing what a  needle looks like. Moreover the problems are often so subtle that it is difficult to tell if the  problem is intentionally malicious or an honest mistake. The traditional approach to bug and  malware detection fails to detect novel attacks or discover new classes of bugs. To make  matters worse, both problems can remain dormant and can easily evade testing. In this talk  we critically explore the challenges involved in bug and malware detection. To explore  concepts further we leverage a framework called JReFrameworker for manipulating the Java runtime environment to develop managed code rootkits. 

Bio: Ben Holland is a PhD student at Iowa State University with experience working on two high profile DARPA projects. He has extensive  experience writing program analyzers to detect sophisticated malware in Android applications and served on the ISU team as a key analyst  for DARPA’s Automated Program Analysis for Cybersecurity (APAC) program. His past work experience has been in  research at Iowa State University, mission assurance at MITRE, government systems at Rockwell Collins, and systems  engineering at Wabtec Railway Electronics. Ben holds a M.S. degree in Computer Engineering and Information  Assurance, a B.S. in Computer Engineering, and a B.S. in Computer Science. Currently he serves on the ISU team for  DARPA’s Space/Time Analysis for Cybersecurity (STAC) program.