The European Research Council (ERC) has awarded a Starting Grant for the open-source research proposal “Code Sanitization for Vulnerability Pruning and Exploitation Mitigation.” The Principal Investigator of the research is Professor Mathias Payer, IC tenure-track assistant professor and head of the HexHive lab on software systems security at EPFL.
Dubbed “CodeSan,” the project aims to improve computer code by automating the process of discovering bugs and sanitizing vulnerable software. The technology will apply to software in the development stage as well as to software that is already active. Since it will be an open-source technology, all implementation prototypes developed through the project can be deployed to protect browser-based software (the likes of Google Chrome and Mozilla Firefox) as well as Android and Linux systems from attacks.
The research is expected to make a significant contribution to building systems that are more resilient to unknown or unpatched vulnerabilities. It proposes to do so by employing sanitization techniques that can detect property violations and thus mitigate exploitable vulnerabilities.
Professor Payer has worked extensively on protecting applications in the presence of vulnerabilities. His research focus is on software security, system security, binary exploitation, effective mitigations, strong sanitization, and software testing using binary analysis and compiler-based techniques.
The ERC has awarded the prestigious funding to 480 early-career researchers for 2019. Each grant is worth up to €2.5 million, and the total worth of the grants this year is €621 million. They are awarded as part of the EU Research and Innovation programme Horizon 2020.