CS alumnus Dr. Muath Alkhalaf received the 2015 ACM SIGSOFT Outstanding Doctoral Dissertation Award for his dissertation titled: “Automatic Detection and Repair of Input Validation and Sanitization Bugs.” Dr. Alkhalaf’s dissertation focuses on input validation and sanitization errors in web application code. According to the OWASP’s Top Ten Project, which lists the top ten sources of vulnerabilities in web applications, these types of errors are the most common cause of security vulnerabilities.
From Dr. Alkhalaf’s dissertation:
“Web applications have become a crucial part of commerce, entertainment and social interaction. They are rapidly replacing desktop applications. In the near future, they are likely to play critical roles in national infrastructures such as healthcare, national security, and the power grid. ... Due to global accessibility of web applications, malicious users all around the world can exploit a vulnerable application, so any existing vulnerability in a web application is likely to be exploited by some malicious user somewhere. … Unfortunately, web applications are notorious for security vulnerabilities such as SQL injection and cross-site scripting (XSS) that are due to improper input validation and sanitization.”
Dr. Alkhalaf's dissertation introduces new techniques which automatically detect and repair bugs and vulnerabilities within input validation and sanitization code in web applications. Prof. Tevfik Bultan, Dr. Alkhalaf's Ph.D. advisor, states, "There has been a lot of research on discovering web application vulnerabilities. Muath's dissertation is very impressive because it not only proposes novel and sophisticated techniques for automatically detecting vulnerabilities, but it also presents techniques for automatically repairing them. Given that web applications are expected to be up and running 24/7, automated vulnerability detection and repair techniques presented in Muath's dissertation provide a very promising approach to improving their dependability.”
The SIGSOFT Outstanding Doctoral Dissertation Award is presented annually to the author of an outstanding doctoral dissertation in the area of Software Engineering. The award will be announced and presented at the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering in Bergamo, Italy, August 30 - September 4, 2015.
Dr. Alkhalaf is currently an assistant professor at the Computer Science Department of the King Saud University in Riyadh, Saudi Arabia. Research results presented in Dr. Alkhalaf's dissertation have been published at prestigious software engineering conferences such as ISSTA, ASE, TACAS and ICSE.
Congratulations to CS alumnus Dr. Muath Alkhalaf on his accomplishment!
Dr. Alkhalaf’s dissertation can be read in PDF format here.
More information about the award can be found here.