Academic
Background
I have been a student (although not a very good one) for as long as I can remember. I'm still in school right now. Someday I'll be finished with school only to return to school as a professor, but that's a while ahead.
Right now I'm at the University of Texas at Austin as a graduate student in the Department of Computer Science, working under Professor Calvin Lin.
I received my Bachelor of Arts in Computer Science at Cornell University. During my time there, I did research with the Cornell Network Research Group and later the Autonomous Underwater Vehicle Team.
Some additional details are in my resume.
Research Agenda
The following is from my thesis proposal, which I defended to my thesis committee on 16 January 2008.
Many challenges in software quality can be tackled by techniques that dynamically analyze programs. However, these techniques are often limited in their efficiency or scalability as they are often applied uniformly to an entire program. In this thesis, we show that these techniques can be made significantly more efficient and scalable by statically analyzing the flow of data so that the dynamic analysis can be selectively applied only to important parts of the program. We apply this general principle to the design and implementation of two different systems, for runtime security policy enforcement and software test input generation.
- For runtime security policy enforcement, we enforce user-defined policies using a dynamic data flow analysis. However, previous attempts to perform such dynamic enforcement lead to high runtime or memory overheads due to the need to track all objects and statements. We solve this problem by using the user-defined policy to automatically drive a static data flow analysis that conservatively approximates dynamic behavior, eliminating nearly all overhead by performing dynamic analysis only where required. Our system is both more general and more efficient than existing software taint tracking and dynamic data flow analysis systems. We will also explore the use of our system as a tool for implementing analysis-based cross-cutting functionality in the manner of aspect-oriented programming systems.
- For software test case generation, our principles lead us to the new paradigm of targeted testing. Current test input generators treat all parts of the program equally and attempt to achieve high coverage. Targeted testing instead focuses effort only on parts of the program that are likely to contain bugs, trading coverage for bug-finding efficiency. For example, program edits can be targeted to identify bugs fixed or introduced by a change without testing unaffected parts of the program. Alternatively, targeted testing can be integrated with analysis tools to target higher-level properties or errors. We will evaluate targeted testing in the context of a change management system, showing that targeted testing identifies faults more rapidly and efficiently than current untargeted testing systems.
Publications
Peer-Reviewed Conference Publications
- Walter Chang, Brandon Streiff, and Calvin Lin. Efficient and Extensible Security Enforcement Using Dynamic Data Flow Analysis. In Proceedings of the 15th ACM Conference on Computer and Communications Security. October 2008. [PDF]
- This paper in CCS'08 shows how a wide range of security policies can be enforced efficiently by using a combination of static and dynamic data flow analysis. By framing the policy in a manner accessible to dynamic data flow analysis, we can derive and use the corresponding static data flow analysis to identify and eliminate any instrumentation that does not affect the results of any security checks that lead to actual vulnerabilities. Since this proportion is typically small, we can achieve extremely minimal overheads, usually less than 1% and often within the noise for the performance of typical server programs.
- Steve Cook, Calvin Lin, and Walter Chang. Securing Legacy C Applications Using Dynamic Data Flow Analysis. In Crosstalk - The Journal of Defense Software Engineering, September 2008. [PDF]
- This is a more "general-audience" treatment of the same work in my CCS'08 paper, with more emphasis on aspects of interest to the defense community. Crosstalk is a DoD internal software engineering magazine; we were invited to write a short article for a special issue on secure software.
- Cornell AUV Team. For AUVSI/ONR 2002. [PDF]
- The Association for Unmanned Vehicle Systems International and the Office of Naval Research sponsor an annual competition for autonomous underwater vehicles. As a part of this competition, teams must submit a short paper on the design of their robot submarine. This is our 2002 paper.
- Cornell AUV Team. For AUVSI/ONR 2001. [PDF]
- Again, for the AUVSI competition. This is the 2001 paper.
- Cornell AUV Team. For AUVSI/ONR 2000. [PDF]
- Again, for the AUVSI competition. This is the 2000 paper.
- Srinivasan Keshav, Cristian Estan, Haye Chan, and Walter Chang. A toolkit for discovering topology and delays in the Internet. Unpublished, 1999. [PS]
- This was written when I did a stint in network measurement research as a freshman at Cornell. It describes Argus, a toolkit for automated network topology discovery. Argus uses a number of heuristics and tricks to rapidly guess at hosts and generate maps of arbitrary networks. After my superviser S. Keshav left to form Ensim the project went nowhere. I haven't touched this in almost a decade, so my memory is fuzzy on most of the specifics. The paper describes most of the concrete work we got done on the project.
Non Peer-Reviewed Works
Unpublished
Copyright © Walter Chang. Permission granted for noncommercial use as long as attribution is maintained.
Contact me: walter@cs.utexas.eduLast modified: Wed Oct 22 15:46:51 CDT 2008