Research Statement of Kirill Levchenko
Abstract
Real software systems are messy. They are too ill-specified and complex to reason about formally, yet they face, and must defend against, security threats that were never contemplated in their original design. To address these computer security challenges, we have turned to empirical methods. Computer security has evolved from a prescriptive engineering discipline into an experimental science that views security problems and their solutions as a product of technical, social, and economic pressures that can be best understood using experimental techniques. There is an apparent tension between these two views—security as engineering and security as science—that still ignites debate at technical program committee meetings. My work, however, shows that these two views are complementary: one can be an engineer and a scientist, a builder and a breaker. Through my work, I have shaped the evolution of what is now termed evidence-based security, advocating that empirical computer security can be principled, and computer security principles can be grounded in empirical fact.
One of the most fruitful applications of empirical methods in computer security has been to the study of e-crime. In my own work, I have used empirical techniques to study spam as a business process, an approach to spam that encompasses its technical, economic, and social dimensions. My work was the first to identify the role of payment processing as a bottleneck of spam monetization, giving birth to a new breed of more effective computer security interventions. Approaching e-crime as an economic undertaking has provided an advantageous perspective on illicit Bitcoin mining on botnets (and what it tells us about the value of compromised PCs), the CAPTCHA-solving industry (and its effect on online service abuse), the rising use of consumer-grade remote access malware (and its role in personalizing e-crime), as well as other elements of the underground ecosystem.
Empirical techniques have also proven effective in the analysis of complex cyber-physical systems. I am currently developing methods for analyzing aircraft systems, work that builds on our study of the security of mobile cockpit information systems in general aviation (and the implications for safety of flight). I have also led an investigation of automobile emissions defeat devices in Volkswagen and Fiat small passenger diesel cars. Our work identified the software mechanism used to defeat emissions testing (and how its authors attempted to conceal its purpose), and identified a new software verification regime characterized by an adversarial relationship between prover and verifier.
Similar resources
TWC: Frontier: Collaborative: Beyond Technical Security: Developing an Empirical Basis for Socio-Economic Perspectives
On Failure in Managed Enterprise Networks
Enterprises must maintain and improve the reliability of their networks. To do this at reasonable expense, many enterprises choose to outsource the management of their network to third parties, who care for a large number of networks for a variety of customers. We obtain and analyze almost a year’s worth of failure data for thousands of enterprise networks from such an enterprise service provider...
No Plan Survives Contact: Experience with Cybercrime Measurement
An important mode of empirical security research involves analyzing the behavior, capabilities, and motives of adversaries. By definition, such measurements cannot be conducted in controlled settings and require “engagement” directly with adversaries, their infrastructure or their ecosystem. However, the operational complexities required to successfully carry out such measurements are significa...
Dirty Jobs: The Role of Freelance Labor in Web Service Abuse
Modern Web services inevitably engender abuse, as attackers find ways to exploit a service and its user base. However, while defending against such abuse is generally considered a technical endeavor, we argue that there is an increasing role played by human labor markets. Using over seven years of data from the popular crowdsourcing site Freelancer.com, as well as data from our own active job soli...
Publication date: 2017