Tandon in the News

What is a chaff bug? How adding bugs to apps may make them more secure

In a new research paper, Chaff Bugs: Deterring Attackers by Making Software Buggier, Brendan Dolan-Gavitt, assistant professor of computer science at the NYU Tandon School of Engineering, and two PhD students, Zhenghao Hu and Yu Hu, suggest a new method of intentionally adding software bugs into code in order to deter attackers. Dubbed “chaff bugs,” the idea is to pack applications with seemingly legitimate-looking but ultimately unexploitable bugs that outnumber and obscure real vulnerabilities.