Bo Feng is a PhD student in the computer science program at Northeastern University, advised by Professor Long Lu. Bo’s research is focused on automating bug-finding in IoT firmware by way of fuzzing. Bo is interested in detecting and reporting vulnerabilities in IoT systems with ease and ultimately developing more secure devices. Prior to joining Khoury, Bo earned his Bachelor’s in Computer Science from Wuhan University.
In my first year of PhD, I built an OS for x86-64 architecture with virtual memory, ring protection, pre-emptive scheduling and an in-memory file system from scratch, a compiler translating Java-like object-oriented programming language into MIPS assembly, and learned various system and network security principles through practice.
Currently, I am working on automated bug finding in IoT firmware through fuzzing. Nowadays billions of IoT devices are deployed, the compromising of which can lead to data breaches, DDoS attacks, and can even harm human safety. Due to resource constraints, many IoT firmwares are written in C/C++, which suffers from memory corruption vulnerabilities. I am building a fuzzing system to find those vulnerabilities in IoT firmware in an automated way.
Find bugs in IoT firmware through our system, report it to vendors, and build more secure IoT devices.
Many computer systems are not designed and built with security in mind. I feel very excited about evaluating the security of those systems and enhancing them in practical ways with minimum programmers’ effort.
Bo Feng is a PhD student in the computer science program at Northeastern University, advised by Professor Long Lu. Bo’s research is focused on automating bug-finding in IoT firmware by way of fuzzing. Bo is interested in detecting and reporting vulnerabilities in IoT systems with ease and ultimately developing more secure devices. Prior to joining Khoury, Bo earned his Bachelor’s in Computer Science from Wuhan University.
In my first year of PhD, I built an OS for x86-64 architecture with virtual memory, ring protection, pre-emptive scheduling and an in-memory file system from scratch, a compiler translating Java-like object-oriented programming language into MIPS assembly, and learned various system and network security principles through practice.
Currently, I am working on automated bug finding in IoT firmware through fuzzing. Nowadays billions of IoT devices are deployed, the compromising of which can lead to data breaches, DDoS attacks, and can even harm human safety. Due to resource constraints, many IoT firmwares are written in C/C++, which suffers from memory corruption vulnerabilities. I am building a fuzzing system to find those vulnerabilities in IoT firmware in an automated way.
Find bugs in IoT firmware through our system, report it to vendors, and build more secure IoT devices.
Many computer systems are not designed and built with security in mind. I feel very excited about evaluating the security of those systems and enhancing them in practical ways with minimum programmers’ effort.
