Demo: EverParse: Automatic generation of formally verified secure parsers for cloud integrity
Speaker: Tahina Ramananandro, Principal Research Software Development Engineer, Microsoft Research Redmond
DARPA and MITRE estimate that 80 percent of software security vulnerabilities have incorrect input validation as their root cause. In such scenarios, attackers provide malformed input, which, when not properly rejected, causes various misbehaviors such as buffer overruns or integer overflows, which ultimately lead to giving the attacker full control of the system. Thus, hardening critical software systems by systematically replacing their input validation code with formally proven message parsers can make a radical difference. This research talk by Tahina Ramananandro is the second of three research talks that will present ongoing and future research and engineering efforts to this end, demonstrating how projects such as Microsoft Research EverParse and DARPA SafeDocs harden input validation for various applications, ranging from network communication protocols to document formats. See talks by Sergey Bratus, DARPA, and Aseem Rastogi, Microsoft Research Redmond, for more information.
Learn more about the 2021 Microsoft Research Summit: https://Aka.ms/researchsummit (opens in new tab)
- 轨迹:
- The Future of Privacy & Security
- 日期:
- 演讲者:
- Tahina Ramananandro
- 所属机构:
- Microsoft Research
-
-
Tahina Ramananandro
Principal Research Software Development Engineer
-
-
The Future of Privacy & Security
-
-
-
Research talk: Building towards a responsible data economy
Speakers:- Dawn Song
-
Research talk: Towards bridging between legal and technical approaches to data protection
Speakers:- Kobbi Nissim
-
-
Tutorial, Research talk, and Q&A: ElectionGuard: Enabling voters to verify election integrity
Speakers:- Josh Benaloh,
- Dan S. Wallach
-
Research talk: DARPA SafeDocs: an approach to secure parsing and information interchange formats
Speakers:- Sergey Bratus
-
-
-
-