Meng Xu is currently a PhD candidate at the Georgia Institute of Technology. He will be joining the Cheriton School of Computer Science as an Assistant Professor in July 2021.
Meng’s research is in the area of software security.
Implementation faults can be exploited by attackers to install malware and control systems over the Internet. Unfortunately, they are prevalent in all widely deployed software systems. These systems try to defend themselves by creating layers of abstraction, and often the last layer of defence is the operating system. Hence, it is important that operating systems have minimal implementation faults. They are also widely deployed, but their code base is large, consisting of several million lines.
Meng’s research has focused on the Linux operating system, which is widely deployed on the Internet and is the basis for the commercial Android system used in many smartphones. Using software analysis techniques, Meng’s research automates the search for implementation faults in Linux. These techniques are challenging, since too many false positives will overwhelm any developer, yet any false negative may be enough for an attack. Using Meng’s research more than 100 implementation faults in Linux have been found and later fixed. These results underpin the applicability of his research to real-world security problems.