Siri for Secure Programming – On-fly Secure Programming Assistant (completed)

Starting Date: June 2018
Prerequisites: Computer Science Undergraduate Student, Enthusiasm and desire to be a problem solver
Will results be assigned to University:

Project Description

Secure coding is a set of best practices for making software (during development) as secure and stable as possible. It encompasses everything from recommendations for cryptographic usage, moving sensitive data, accessing a file system, and managing memory. As the security landscape is always changing, secure coding requires programmers to be up to date with the State of the Art (SOTA) in vulnerability exploitation and potential cyber threats. Remaining updates to all the threats in the wild is a daunting task, and for full-time programmers, this can be considered an unnecessarily time-consuming. The primary objective of computer programmers, for non-security software, is to translate the operational semantics to a computer language. The security aspects of this translations should be taken care of by an automated and intelligence agent – recommending SOTA security techniques to be incorporated during the coding of an application.

In this project, the UROP recipient will explore the potential of designing an AI-based automated Security Coding Assistant (SCA). The SCA will actively observe the programming semantic of an application and detect the hotspots that might be potential targets of an adversary. The SCA will recommend adequate countermeasure with associated code for programmers to incorporate into their software.

The respective UROP recipient will be pivotal in shaping the scope of this project and lead the research activities in collaboration with the ISG-SCC team.

Required Technical Skills

ISG-SCC value the enthusiasm and commitment significantly and considers technical skills as an acquirable skill during the internship. However, basic understanding and knowledge of compilers, secure programming, AI and software vulnerabilities will be desirable.

What will you gain during UROP?

During this internship, the objective of the ISG-SCC is to make sure that you develop your independent research and development skills and enhance your skills on a) presenting the project’s progress, b) keeping in line with time management, b) research methods, c) technical writing skills for project outcomes and d) problem identification and solving.

ISG-SCC Track Record

ISG-SCC has successfully run the UROP for the last two years. The success of the previous two years has produced a patent application (under review by patent office) and commercial demo (MVP) under development, and five research papers. Corresponding undergraduate students are named as first authors on the papers and co-inventor on the patent application. Research papers by undergraduate students have won one ‘best student paper award’, featured in a news article on Medium and being pivotal for a World Economic Forum’s project for anti-corruption project. The ethos of ISG-SCC is that undergraduate students have the talent and imagination to sort out unique and innovative solutions. They just need guidance from established researchers, and this is what ISG-SCC will provide during the UROP.