Uncovering Structure in Social Networks / Interprocedural Binary Analysis for Computer-Human Collaboration

Date/Time: Monday, January 23rd, 4:10 p.m. - 5:00 p.m. in Barnard Hall 108
Speaker: Matt Revelle, Senior Principal Research Scientist, Kudo Dynamics LLC
This presentation highlights techniques developed to address two broad objectives: the uncovering of structure in social networks; and the managing of complexity in binary reversing engineering and vulnerability research.

Social networks are defined by relationships between people and permeate all aspects of human life. Improving our understanding of the structure and dynamics of networks enhances our knowledge of many human systems. I present my contributions to the specific tasks of community detection and community evolution prediction. Community detection in networks is a complex problem with many proposed solutions. Existing methods frequently make use of edge density and node attributes; however, the methods ultimately have different definitions of community and build strong assumptions about community features into their models. I propose a new method for community detection, which estimates both per-community feature distributions (topics) and per-node community membership. The method includes only two basic assumptions about community structure: communities are densely connected and have a small network diameter.

Communities in social networks evolve over time as nodes enter and leave the network and their activity behaviors shift. I present a novel graph attention network architecture for predicting community evolution events based on group-node attention. Group-node attention enables support for variable-sized inputs and learned representation of groups based on member and neighbor node features, including temporal information.

As software systems continue to become more prolific, the frequency and potential impact of unknown software vulnerabilities also increases. The reverse engineering of program binaries is often necessary for identifying and understanding software vulnerabilities, and improving the performance of reverse engineers is a crucial component in securing computer systems. Semi-automated analysis workflows which allow reverse engineers to direct automated analyses can improve efficiency and enable the use of analyses that are intractable when applied to a whole program. I present a new software framework for interprocedural binary analysis that supports the interactive construction of interprocedural control-flow graphs (ICFGs). These ICFGs provide a workspace for program exploration and automated simplifications through context- and flow-sensitive analysis.

Brief Bio: Dr. Matthew Revelle is a Senior Principal Research Scientist at Kudu Dynamics and holds a PhD in Computer Science from George Mason University. He has over 20 years of computer science experience, including 10 years of experience in automated and manual vulnerability research, program analysis, reverse engineering, and computer network operations (CNO) development. His doctoral research was in the use of machine learning and data mining for uncovering structure in social networks. Dr. Revelle is currently a principal investigator on the Hardening Development Toolchains Against Emergent Execution Engines program under the Defense Advanced Research Projects Agency (DARPA) and previously supported several other DARPA programs. His research at Kudu Dynamics has included the use of type systems for vulnerability discovery in program binaries, interactive context- and flow-sensitive analysis for computer-human collaboration in vulnerability research, and machine learning to steer automated vulnerability discovery.

Seminars from 2022.