Cybersecurity expert on why SolarWinds attack was so successful, and how to prevent a repeat

Washington University in St. Louis Professor Ning Zhang’s research focus is system security, which lies at the intersection of security, computer architecture and programming languages. He is particularly interested in secure software/hardware systems, side-channel analysis, malware and digital forensics. He is also interested in developing new methods to automatically discover and mitigate system vulnerabilities.

Professor Zhang can be reached at [email protected]

Before joining the McKelvey School of Engineering as a computer science professor, Zhang was a principal cyber engineer/researcher and technical lead at Cyber Security Innovations of Raytheon. Throughout his eleven-year career at Raytheon, he worked to protect various critical networked and cyber-physical infrastructures.

Of the SolarWinds attacks, he says: 

“This attack was special because it was a software supply chain attack, where a software update mechanism (which is generally a very good thing to protect yourself) was turned around to use as an attack vector.

Most of the IT infrastructure in major organizations is not prepared to handle this type of threat.”

The lengths the attackers went to in order to minimize risk, he said, were the other major feature that ultimately led to the attack’s extensive impact.

“I think following one of the most fundamental principles in computer security – the principle of least privilege – goes a long way, because we can limit the impact of compromised components within the greater organization.”
