Vulnerability Analysis for Blockchain Software Security
*bldg. 2 NO.102/ 16:00~
Heejo Lee is a professor at CSE, Korea University, Seoul, Korea and a director
of CSSA (Center for Software Security and Assurance). Before joining
Korea University, he was at AhnLab, Inc. as a CTO from 2001 to 2003.
From 2000 to 2001, he was a postdoc researcher at CERIAS,
Purdue University. In 2010, he was a visiting professor at CyLab/CMU.
Dr. Lee received his B.S., M.S., Ph.D. degree in CSE from POSTECH,
Pohang, Korea. He has been working on the consultation of
the cyber security in the Philippines (2006), Uzbekistan (2007), Vietnam (2009),
Myanmar (2011), Costa Rica (2013) and Cambodia (2015).
He is a recipient of the ISC^2 ISLA award of community service star in 2016.
Blockchain platforms are being developed as a piece of software and all
software security issues are linked together such as vulnerability propagation
through the code clones of open source software (OSS) and the existence
of same vulnerabilities in multiple locations via the code reuse of reference
implementations. Center for Software Security and Assurance (CSSA) is
established for developing an automated security analysis platform called
IoTcube for enabling even non-security professionals to examine security
vulnerabilities professionally. In this talk, the technologies in IoTcube
will be introduced, which include blackbox testing, whitebox testing,
and network testing. Preliminary analysis of popular blockchain projects
will show the statistics of OSS components and the importance of vulnerability
management for improving blockchain platform security.