image placeholder

Computer Science Professors Giovanni Vigna  and Christopher Kruegel have been awarded a grant for the project “Continuum: Finding Space and Time Vulnerabilities in Java Programs.” The Principle Investigator is William Robertson at Northeastern University. The Co-PIs are Engin Kirda at Northeastern University, and Giovanni Vigna and Christopher Kruegel, both at UCSB.

The project abstract states, “We propose Continuum, a novel platform that composes static and dynamic analyses to identify flaws associated with time and space complexity in Java programs. The platform will preemptively pinpoint vulnerable algorithms, demonstrate their vulnerability by automatically generating program inputs that represent attack instances, and mitigate certain classes of these vulnerabilities. Continuum will target Java bytecode, thereby covering a large space of deployed software in critical environments without requiring source code that is too often unavailable for direct analysis. The project will result in a prototype implementation that will significantly advance the state-of-the-art in time and space vulnerability discovery and mitigation.”

The UCSB portion of the award includes funding in the amount of $1,552,924.

Giovanni Vigna is a Professor in the Department of Computer Science at the University of California in Santa Barbara. His current research interests include malware analysis, web security, vulnerability assessment, and mobile phone security. He also edited a book on Security and Mobile Agents and authored one on Intrusion Correlation. He has been the Program Chair of the International Symposium on Recent Advances in Intrusion Detection (RAID 2003), of the ISOC Symposium on Network and Distributed Systems Security (NDSS 2009), and of the IEEE Symposium on Security and Privacy in 2011. He is known for organizing and running an inter-university Capture The Flag hacking contest, called iCTF, that every year involves dozens of institutions around the world. He is a member of IEEE and ACM.

To learn more about Professor Vigna and his work, visit his website here.



Prof. Kruegel is a Professor in the Computer Science Department at the University of California, Santa Barbara. His research interests are computer and communications security, with an emphasis on malware analysis and detection, web security, and security in social networks. Kruegel has published more than 100 conference and journal papers, and was the recipient of the NSF CAREER Award, the MIT Technology Review TR35 Award for young innovators, an IBM Faculty Award, and several best paper awards.

To learn more about Professor Kruegel and his work, visit his website here.