Upcoming Events
SCS Distinguished Lecture: Xiangyu Zhang
Speaker: Xiangyu Zhang, professor at Purdue University
Date and Time: Nov. 4, 11 a.m. - 12 p.m.
Location: KACB 2447
Title: Neural-symbolic Software Auditing
Abstract: Software engineering is undergoing a major shift: while code generation has become increasingly automated, code review and audit remain stubbornly human-intensive. Code quality continues to be a persistent challenge, and developers often face the task of debugging or auditing code they did not write. LLMs hold promise for automating aspects of code analysis, yet they consistently fall short in auditing real-world repositories due to context limitations, hallucinations, and difficulty with repository-scale reasoning. In this talk, I will present our recent research that addresses these challenges. Specifically, RepoAudit is an autonomous, LLM-driven auditing agent designed for repository-level code analysis with high precision and efficiency. By mimicking expert auditors, it performs demand-driven, path-sensitive reasoning over control- and data-flow graphs, powered by abstraction, pointer tracking, and validation mechanisms. This approach has enabled RepoAudit to uncover hundreds of previously unknown bugs in mature software ecosystems, including the Linux kernel and OpenSSL. In order to extend the tool to audit binary executables that do not have any source code information, we developed a novel code-model training method and award-winning probabilistic program analysis approaches. These techniques enable RepoAudit to find dozens of vulnerabilities in real-world firmware by solely performing auditing. At the end, I will briefly discuss how to audit future software, namely, AI agents.
Bio: Xiangyu Zhang is a Samuel Conte professor at Purdue specializing in Software Engineering, AI red-teaming, and Cyber Forensics. His work involves developing techniques to detect bugs, including security vulnerabilities, in traditional software systems as well as AI models and systems, and to leverage AI techniques to perform software engineering and cybersecurity tasks. He has served as the Principal Investigator (PI) for numerous projects funded by organizations such as DARPA, IARPA, ONR, NSF, Air Force, and industry.