Research talk: DARPA SafeDocs: an approach to secure parsing and information interchange formats
172
Microsoft Research322 тыс
Следующее
Популярные
212 дней – 1 3321:52
12.12.22 – 21630:11Опубликовано 8 февраля 2022, 17:10
Speaker: Sergey Bratus, Program Manager, DARPA
DARPA and MITRE estimate that 80 percent of software security vulnerabilities have incorrect input validation as their root cause. In such scenarios, attackers provide malformed input, which, when not properly rejected, causes various misbehaviors such as buffer overruns or integer overflows, which ultimately lead to giving the attacker full control of the system. Thus, hardening critical software systems by systematically replacing their input validation code with formally proven message parsers can make a radical difference. This research talk by Sergey Bratus, DARPA, is the first of three talks that will present ongoing and future research and engineering efforts to this end, demonstrating how projects such as Microsoft Research EverParse and DARPA SafeDocs harden input validation for various applications, ranging from network communication protocols to document formats. See talks by Tahina Ramananandro and Aseem Rastogi from Microsoft Research Redmond for more information.
Learn more about the 2021 Microsoft Research Summit: Aka.ms/researchsummit
DARPA and MITRE estimate that 80 percent of software security vulnerabilities have incorrect input validation as their root cause. In such scenarios, attackers provide malformed input, which, when not properly rejected, causes various misbehaviors such as buffer overruns or integer overflows, which ultimately lead to giving the attacker full control of the system. Thus, hardening critical software systems by systematically replacing their input validation code with formally proven message parsers can make a radical difference. This research talk by Sergey Bratus, DARPA, is the first of three talks that will present ongoing and future research and engineering efforts to this end, demonstrating how projects such as Microsoft Research EverParse and DARPA SafeDocs harden input validation for various applications, ranging from network communication protocols to document formats. See talks by Tahina Ramananandro and Aseem Rastogi from Microsoft Research Redmond for more information.
Learn more about the 2021 Microsoft Research Summit: Aka.ms/researchsummit
Свежие видео
3 дня – 6210:53
4 дня – 96 7535:32
9 дней – 6 8180:21
9 дней – 2 039 1661:17
14 дней – 21 84048:44
Случайные видео
231 день – 68 5520:57
25.03.23 – 1 330 6994:22:49
27.06.22 – 2 1652:33
12.02.22 – 1 7540:31
03.12.21 – 88 5086:33
28.04.20 – 31 4106:03
1 день – 1360:30
2 дня – 1591:59
3 дня – 49 61211:30
4 дня – 5134:35
6 дней – 151 6870:30
9 дней – 152 8223:25
9 дней – 12 5134:50
3 дня – 3225:24
3 дня – 1 4894:46