Zion Basque
Computer science
Hometown: Kealakekua, Hawaii
Graduation date: Spring 2021
FURI | Fall 2020
Ali’i CFG: Improving the Accuracy and Completeness of Control Flow Graphs on Binary Programs
With the growing use of software across the globe, the need for automated security auditing of software has never been more critical. One of the pillars that support automated security auditing techniques on software is the construction of control flow graphs (CFGs) for the target software without accessing the source code, a.k.a. binary programs. A high-quality audit usually requires a complete and accurate CFG. Nevertheless, in most cases the constructed CFGs are flawed due to undecidable problems. Ali’i CFG uses state-of-the-art techniques (including multi-layered pointer resolving) to construct more accurate and complete CFGs in a scalable manner.
Mentor: Fish Wang
Featured project | Fall 2020
Why did you choose the project you’re working on?
Since my freshman year, I’ve been involved in research highly related to the research project I am doing now. Once after a hacking competition, my current research advisor asked me what I thought about the state of my field in regard to the competition. After a long discussion, and a sandwich at Ike’s Sandwiches, he introduced me to the idea of fixing some of the long-running issues in our field. Since then, I’ve been dedicated to fixing those issues and pushing the state of my field forward.
What has been your most memorable experience as a student researcher in FURI?
The most memorable moment from my research would have to be presenting my work to some individuals in the National Security Agency in regard to a major grant in which my research lab was involved. It was really exciting to see experts in my field acknowledge my work and find it impressive. It was also very exciting to see them interested in the results as soon as they were available.
How will your engineering research project impact the world?
The research I am doing now is related to the future of the security of all computing devices, regardless of the operating system. At the end of this research project, I will have implemented a new method to improve the accuracy of many tools related to the automatic vulnerability analysis of software. To summarize, the additions I make to my field from this research will improve the rate at which we find bugs that malicious hackers use to break into computers — allowing us to fix bugs before hackers can exploit them. This research will make the world a safer place.
What is the best advice you’ve gotten from your faculty mentor?
The best advice that my mentor gave me was that research is not something you do overnight. It is a long and tedious process that requires a copious amount of work. Progress in research does not mean you made your implementation work better. Often, progress is just a better understanding of how a problem works. Any increase in knowledge, implementation or thought is progress. As long as I keep making progress, my research will be valuable and legitimate.
Why should other students get involved in FURI?
Other students should get involved in this program because it is the easiest entry to the research world that is usually locked behind the doors of graduate school. In this program, you will learn a lot about your field and how you work on projects that take longer than a single weekend. Long projects that are taxing and thought inducing are a part of life, so doing this program will give you more experience and insight into the world. Taking the time to do this program may also end in job offers if you make well-crafted research. Find a good mentor and do it!