[摘要] The world is increasingly connected through a series of smart, connected systems such as smartphone systems, smart home systems, and emerging smart transportation and autonomous vehicle systems. While leading to improved services, such transformation also introduces new security challenges. To address these challenges, in contrast to existing defense mechanisms that are mostly ad hoc and reactive, my dissertation research is dedicated to developing systematic problem analysis approaches that can proactively discover and assess new security problems in smart, connected systems.To achieve this goal, my dissertation focuses on two most fundamental capabilities in any smart, connected system: network stack and smart control, and demonstrates that static/dynamic program analysis and network measurement can be used to systematically identify new code-level and network-level security challenges in smart, connected systems, and gain insights about problem severity to address design trade-offs in the defense solutions. More specifically, my research is able to leverage these techniques to discover a new attack vector (US-CERT alert TA16-144A) that is unexpectedly brought by the recent expansion in the DNS system, and new algorithm-level security vulnerabilities in the next-generation smart transportation systems. For these discoveries, systematic vulnerability cause analysis is performed subsequently to uncover the associated new network-level and code-level security challenges. On the defense side, these techniques are also used in my dissertation research to build the first automated detection tool for packet injection vulnerability, a recurring problem in network communication protocols, and define more useful attack surface to balance the design trade-off in name collision attack defenses.