Nathan H. Burow
Dr. Nathan H. Burow is a technical staff member in the Secure Resilient Systems and Technology Group. He is excited about creating secure and resilient software for all systems, from embedded devices to enterprise desktops to the cloud. His work at the Laboratory focuses on leveraging advances both in programming languages (Rust) and in new hardware security features (tagged architectures) to create new security paradigms for the full software stack — from device drivers, through the operating system, to user applications. In addition to building new secure and resilient systems, Burow investigates ways to improve the test and evaluation of existing applications, including new tools and techniques to discover vulnerabilities. Further, Burow is exploring how to apply deception techniques in software to increase the security and resilience of mission systems.
Burow led the Laboratory’s effort to develop a more secure version of Linux by applying compartmentalization, thereby limiting the scope of attacks. This work resulted in a version of Linux known as Hardware Assisted Kernel Compartmentalization (HAKC). A paper describing this work, “Preventing Kernel Hacks with HAKC," won the Distinguished Paper Award at the Network and Distributed Systems Security (NDSS) Symposium in 2022. The HAKC technology is currently transitioning to Department of Defense systems. Additional projects include a Rust-based transactional memory system for real-time systems, which won a best paper award at the IEEE Real-Time Systems Symposium in 2021; an investigation of security issues in incrementally deploying Rust ("Cross-Language Attacks," NDSS 2022); and designing defenses to protect incrementally deployed Rust ("Keeping Safe Rust Safe with Galeed," Annual Computer Security Applications Conference 2021). MIT students advised by Burow have won the M.Eng thesis award (twice), MIT UROP research award, and Lincoln Laboratory’s Carl E. Nielsen Jr. scholarship.
Burow received a PhD degree in computer science from Purdue University in 2018 under Mathias Payer in the HexHive group. His dissertation focused on efficient runtime checks for C/C++ to mitigate control-flow hijacking. He earned an MS degree in computer science from Purdue in 2015 and a BA degree in economics from Yale in 2011, and is a member of the IEEE. He has served as a reviewer for the Usenix Security Symposium; the International Symposium on Research in Attacks, Intrusions and Defenses; Moving Target Defense and Programming Languages and Analysis for Security Workshops; and various security journals. For an internship, he was certified by the U.S. Army to handle explosive ordnance.