Machine Learning for Automatic Identification/Patching of Product Security Vulnerabilities
The goal of this internship project is to explore the feasibility of leveraging Machine Learning for either identifying or patching firmware security vulnerabilities often found in products. We will focus on 1-2 classes of common firmware security vulnerabilities that are not effectively detected using existing automation tools/methods, and train the ML model to attempt to detect/patch them. For a high fidelity output, the ML model would need to be trained properly with internal bug database as well as external vulnerability sources such as CVE and DARPA Grand Cybersecurity Challenge. We will initially attempt to automatically detect/patch vulnerabilities in toy examples. Based on the outcome of this exploratory effort, we would like to apply ML model on firmware from real Intel products to test the effectiveness. Success of this path-finding internship would enable Intel and the industry to develop intelligent infrastructure leading to products and technologies with high security assurance, protecting end-users' interests from hackers and criminals.
About Intel's Security Center of Excellence (SeCoE)
Our goal is to be a prominent leader in the industry to assure security in computing platforms by conducting advanced security research. We are Intel's Advanced Security Research Team with threat, vulnerability and exploit research experts who crave for tons of fun and pride in raising the security bar for ubiquitous computing systems. Through deep vulnerability analysis and mitigation development expertise, we influence the security of hardware, firmware, software and systems spanning a range of products including Devices, Cloud, Automotive, IoT, AI, VR, Drones, and Networks.