William Blair
PhD Candidate [cv]
Computer Science (Software Security, POPV)
Boston University
Email: wdblair at bu dot edu
Research
-
I am a PhD candidate studying Computer Science at Boston University under the
supervision of Manuel Egele and Hongwei Xi.
I am interested in developing program analysis techniques that discover unknown
vulnerabilities hiding in programs and exploring language based security
approaches that defend such programs from attacks. I am also interested in
how advanced type systems can help improve the reliability and security of
systems software.
Education
-
MS in Computer Science
Boston University 2014
-
BA in Computer Science
Boston University 2012
Software
- ATSFlight [project]
A firmware for first-person-view (FPV) racing drones implemented in ATS.
Papers
- MPKAlloc: Efficient Heap Meta-Data Integrity Through Hardware Memory Protection Keys[pdf][slides][code][cite]
William Blair, William Robertson, Manuel Egele.
In Proceedings of the Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) 2022
- HotFuzz: Discovering Temporal and Spatial Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing[pdf][cite]
William Blair, Andrea Mambretti, Sajjad Arshad, Michael Weissbacher, William Robertson, Engin Kirda, Manuel Egele.
In ACM Transactions on Privacy and Security (TOPS) 2022
- FlexFilt: Towards Flexible Instruction Filtering for Security[pdf][cite]
Leila Delshadtehrani, Sadullah Canakci, William Blair, Manuel Egele, Ajay Joshi
In Proceedings of the Annual Computer Security Applications Conference (ACSAC) 2021
- HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities through Guided Micro-Fuzzing [pdf][post][slides][talk][cite]
William Blair, Andrea Mambretti, Sajjad Arshad, Michael Weissbacher, Engin Kirda, William Robertson, Manuel Egele
In Proceedings of the ISOC Network and Distributed System Security Symposium (NDSS) 2020
- Dependent Types for Multi-Rate Data Flows in Synchronous Programming [pdf][code][cite]
William Blair, Hongwei Xi
In Post-Proceedings of the ACM Workshop on ML 2015
Talks
- Symbolic Modeling of Micro Services for Intrusion Detection
Poster Session: IEEE Symposium on Security and Privacy, May 2021
- Microservice-Aware Reference Monitoring through Hybrid Program Analysis
FloCon 2021, CMU Software Engineering Institute (SEI)
- HotFuzz: Fuzzing for Space and Time Vulnerabilities in Java Programs
DARPA Space and Time Analysis for Cybersecurity P.I. Meeting, Apogee Research, February 2019.
- Continuum: Finding Space and Time Vulnerabilities in Java Programs
DARPA Space and Time Analysis for Cybersecurity P.I. Meeting, August 2016.
- Side Channels and Worst Case Behavior in Java
Northeastern-WPI Seminar on Systems Security June 2016.
- Using a Portfolio of SMT Solvers in Software Development
New England Programming Languages Symposium (NEPLS), Tufts University, November 2015.
- Dependent Types for Real-Time Constraints [talk]
ACM SIGPLAN ML Family Workshop at The International Conference on Functional Programming (ICFP), Vancouver, Canada, September 2015.
- Integrating SMT into Software Development
New England Programming Languages Symposium (NEPLS), Wesleyan University, June 2015.
- Debugging with Types in ATS[talk]
Boston Haskell Meetup, December 2014.
Teaching
I have served as a T.F. for the following courses.
- CS210: Computer Systems (Spring 2021)
- CS630: Graduate Design and Analysis of Algorithms (Fall 2020)
- CS530: Graduate Design and Analysis of Algorithms (Fall 2019)
- CS111: Introduction to Computer Science (Spring 2015)
- CS111: Introduction to Computer Science (Fall 2014)
- CS211: iOS Application Development (Spring 2014)
Funding
- DARPA Space and Time Analysis for Cybersecurity (STAC)
Misc
