Stephan Neuhaus

Summary

We introduce Malfor, a system that uses automatic experiments to find the causes of computer break-ins. We argue that this system has many advantages over existing systems. We also introduce new research that aims at forecasting vulnerability-prone software components by analyzing version archives and correlating them with bug databases. The introduced systems use experimental and empirical methods, which are almost never used in computer security research. We argue that they need to be revived in order to be able to cope with current and future challenges in computer security.

About the Speaker

Stephan Neuhaus has been working in computer security since 1992. Since 2003, he is a PhD student at the chair for Software Engineering at Saarland University, where he applies experimental and empirical methods to problems of computer security.