No computing system is perfect; during the course of development issues are introduced which, under particular circumstances, can cause the system to enter an unanticipated state. Such failures can be the result of developers misusing programming language features or libraries, or not taking into account complex interactions between hardware, systems software, and the program they are developing. When a user of a system is able to exploit a failure in order to do harm, we term the issue a vulnerability. It is the goal of computer security research to develop mechanisms that mitigate such vulnerabilities, by detecting them, repairing them, or ensuring that they are not introduced in the first place.
Research in computer security at the University of Arizona has two main foci: analysis of malicious binary code [Debray] and the protection of systems from reverse engineering [Collberg]. Current research projects include code obfuscation using covert channels [Collberg and Debray], generic approaches to deobfuscation [Debray], and transformations to disrupt symbolic execution [Collberg] .