Demo: Generating formally proven low-level parsers with EverParse
94
Microsoft Research329 тыс
Следующее
08.02.22 – 732:07Популярные
152 дня – 6103:07:51
331 день – 4481:21Опубликовано 8 февраля 2022, 17:11
Speaker: Aseem Rastogi, Principal Researcher, Microsoft Research India
DARPA and MITRE estimate that 80 percent of software security vulnerabilities have incorrect input validation as their root cause. In such scenarios, attackers provide malformed input, which, when not properly rejected, causes various misbehaviors such as buffer overruns or integer overflows, which ultimately lead to giving the attacker full control of the system. Thus, hardening critical software systems by systematically replacing their input validation code with formally proven message parsers can make a radical difference. This talk is the third of three research talks that will present ongoing and future research and engineering efforts to this end, demonstrating how projects such as Microsoft Research EverParse and DARPA SafeDocs harden input validation for various applications, ranging from network communication protocols to document formats. See talks by Sergey Bratus, DARPA, and Tahina Ramananandro, Microsoft Research Redmond, for more information.
Learn more about the 2021 Microsoft Research Summit: Aka.ms/researchsummit
DARPA and MITRE estimate that 80 percent of software security vulnerabilities have incorrect input validation as their root cause. In such scenarios, attackers provide malformed input, which, when not properly rejected, causes various misbehaviors such as buffer overruns or integer overflows, which ultimately lead to giving the attacker full control of the system. Thus, hardening critical software systems by systematically replacing their input validation code with formally proven message parsers can make a radical difference. This talk is the third of three research talks that will present ongoing and future research and engineering efforts to this end, demonstrating how projects such as Microsoft Research EverParse and DARPA SafeDocs harden input validation for various applications, ranging from network communication protocols to document formats. See talks by Sergey Bratus, DARPA, and Tahina Ramananandro, Microsoft Research Redmond, for more information.
Learn more about the 2021 Microsoft Research Summit: Aka.ms/researchsummit
Свежие видео
8 дней – 278 4464:56
9 дней – 14 3601:04
12 дней – 40 4378:39
16 дней – 4 007 2100:39
19 дней – 108 21110:37Случайные видео
1 день – 3 1910:31
258 дней – 2 235 3370:10
310 дней – 404 77111:46
335 дней – 9 7390:29
10.07.23 – 122 7266:54
15.03.22 – 1 872 8389:25
22 часа – 12 7731:05
2 дня – 3 78429:28
5 дней – 932:31
8 дней – 1 8691:44
9 дней – 21 99237:39
3 дня – 3840:17
5 дней – 50 4110:09