Intelligent Application Security (IAS)
The Intelligent Application Security team at Oracle Labs works on innovative projects in the application security space spanning areas like program analysis and machine learning.
Intelligent Application Security (IAS)
Intelligent Application Security (IAS)
The Intelligent Application Security team at Oracle Labs works on innovative projects in the application security space spanning areas like program analysis and machine learning.
Project Overview
Intelligent Application Security (IAS) aims to provide an automated approach to integrate security into all aspects of application development and operations, at scale, using learning techniques that incorporate signals from the code and beyond, to provide actionable intelligence to developers, security analysts, operations staff, and autonomous systems.
IAS is related to the DevSecOps life-cycle and addresses some of the following research questions.
- How to automatically fix a bug?
- How to automatically upgrade vulnerable dependencies?
- How to ensure that one's software supply chain is secure?
- How to detect and block potential attacks against a running service?
- How to analyse configurations before applications are deployed?
Principal Investigator
Research Director
Paddy Krishnan is a Research Director at Oracle Labs in Brisbane, Australia and leads the team. He has been with Oracle since Feb 2013. His current research interests are in the areas of software security, program analysis, and automatic test generation. At Oracle, Paddy has worked on detecting security vulnerabilities in the JDK, in Java-based web applications and in JavaScript-based client-side code. More recently he is exploring the expressive power of different models in the context of security monitoring. He is also interested in infrastructure-related security. He has also supervised student interns in the area of scalability and applicability of points-to analysis, verification of concurrent data-structures, using mutation testing to detect security issues, and security analysis of SDNs and microservices.
Prior to joining Oracle Labs he was an academic for over 20 years with some industrial research experience. He is a Senior Member of both the ACM and the IEEE.