Burak Kadron

I am a Research Scientist at Veridise, where I work on Web3 and blockchain security. I work on OrCa, a fuzz testing tool for Solidity smart contracts. My contributions include extending and rewriting the interpreter for OrCa’s specification language and SMT-guided fuzzing hint language, and adding support for on-chain fuzzing.

I received my PhD in Computer Science from the University of California, Santa Barbara in September 2022, advised by Tevfik Bultan in the Verification Lab. My dissertation and main PhD work was on developing automated techniques to detect, quantify, and mitigate side-channel information leakage vulnerabilities in encrypted network traffic. During my PhD, I have worked on fuzzing browsers and attack synthesis with members of Verification Lab, and additionally I have worked on explainability analysis on neural networks at NASA Ames with Boeing.

My research interests span program analysis, software security, side-channel analysis, fuzzing, formal methods, and machine learning verification.

news

Nov 14, 2022	Tool paper accepted at ESEC/FSE 2022: “TSA: A Tool to Detect and Quantify Network Side-Channels.”
Sep 01, 2022	Successfully defended my PhD dissertation: “Detection, Quantification and Mitigation of Network Side Channels” at UC Santa Barbara.

selected publications

IEEE Sw.

Fuzzing, Symbolic Execution, and Expert Guidance for Better Testing

Ismet Burak Kadron, Yannic Noller, Rohan Padhye, and 3 more authors

IEEE Software, 2024

DOI Bib

@article{DBLP:journals/software/KadronNPBPS24,
  author = {Kadron, Ismet Burak and Noller, Yannic and Padhye, Rohan and Bultan, Tevfik and Pasareanu, Corina S. and Sen, Koushik},
  title = {Fuzzing, Symbolic Execution, and Expert Guidance for Better Testing},
  journal = {{IEEE} Software},
  volume = {41},
  number = {1},
  pages = {98--104},
  year = {2024},
  url = {https://doi.org/10.1109/MS.2023.3237981},
  doi = {10.1109/MS.2023.3237981},
}

IoT

Targeted Black-Box Side-Channel Mitigation for IoT

Ismet Burak Kadron, Chaofan Shou, Emily O’Mahony, and 2 more authors

In Proceedings of the 12th International Conference on the Internet of Things (IoT 2022), 2022

DOI Bib

@inproceedings{DBLP:conf/iot/KadronSOVB22,
  author = {Kadron, Ismet Burak and Shou, Chaofan and O'Mahony, Emily and Vural, Yilmaz and Bultan, Tevfik},
  title = {Targeted Black-Box Side-Channel Mitigation for {IoT}},
  booktitle = {Proceedings of the 12th International Conference on the Internet of Things ({IoT} 2022)},
  pages = {49--56},
  publisher = {{ACM}},
  year = {2022},
  url = {https://doi.org/10.1145/3567445.3567447},
  doi = {10.1145/3567445.3567447},
}

ESEC/FSE

TSA: A Tool to Detect and Quantify Network Side-Channels

Ismet Burak Kadron and Tevfik Bultan

In Proceedings of the 30th ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE 2022), 2022

DOI Bib

@inproceedings{DBLP:conf/sigsoft/KadronB22,
  author = {Kadron, Ismet Burak and Bultan, Tevfik},
  title = {{TSA}: A Tool to Detect and Quantify Network Side-Channels},
  booktitle = {Proceedings of the 30th {ACM} Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering ({ESEC/FSE} 2022)},
  pages = {1760--1764},
  publisher = {{ACM}},
  year = {2022},
  url = {https://doi.org/10.1145/3540250.3558938},
  doi = {10.1145/3540250.3558938},
}

ISSTA

Feedback-Driven Side-Channel Analysis for Networked Applications

Ismet Burak Kadron, Nicolás Rosner, and Tevfik Bultan

In ISSTA 2020: 29th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2020

DOI Bib PDF

@inproceedings{DBLP:conf/issta/KadronRB20,
  author = {Kadron, Ismet Burak and Rosner, Nicol{\'{a}}s and Bultan, Tevfik},
  title = {Feedback-Driven Side-Channel Analysis for Networked Applications},
  booktitle = {{ISSTA} 2020: 29th {ACM} {SIGSOFT} International Symposium on Software Testing and Analysis},
  pages = {260--271},
  publisher = {{ACM}},
  year = {2020},
  url = {https://doi.org/10.1145/3395363.3397365},
  doi = {10.1145/3395363.3397365},
}

NDSS

Profit: Detecting and Quantifying Side Channels in Networked Applications

Nicolás Rosner, Ismet Burak Kadron, Lucas Bang, and 1 more author

In 26th Annual Network and Distributed System Security Symposium (NDSS 2019), 2019

Bib PDF

@inproceedings{DBLP:conf/ndss/RosnerKBB19,
  author = {Rosner, Nicol{\'{a}}s and Kadron, Ismet Burak and Bang, Lucas and Bultan, Tevfik},
  title = {Profit: Detecting and Quantifying Side Channels in Networked Applications},
  booktitle = {26th Annual Network and Distributed System Security Symposium ({NDSS} 2019)},
  publisher = {The Internet Society},
  year = {2019},
  url = {https://www.ndss-symposium.org/ndss-paper/profit-detecting-and-quantifying-side-channels-in-networked-applications/},
}