{"52804":{"#nid":"52804","#data":{"type":"event","title":"CS Faculty Candidate Seminar - David Brumley","body":[{"value":"\u003Cp\u003E\u003Cstrong\u003EDavid Brumley\u003Cbr \/\u003ECarnegie Mellon University\u003C\/strong\u003E\u003C\/p\u003E\n\u003Cp\u003E\u003Cstrong\u003E\u0022Analysis and Defense of Vulnerabilities in Binary Code\u0022\u003C\/strong\u003E\u003C\/p\u003E\n\u003Cp\u003E\u003Cstrong\u003EAbstract:\u003C\/strong\u003E New vulnerabilities are constantly discovered and exploited by\u003Cbr \/\u003Eattackers. A major focus of my research is developing techniques for\u003Cbr \/\u003Eprotecting vulnerable applications when the program is only readily\u003Cbr \/\u003Eavailable as binary (i.e., executable) code.\u00a0 Since most programs are\u003Cbr \/\u003Eavailable in binary form, and binary-only analysis does not require\u003Cbr \/\u003Ecooperation of the source code vendor, this line of research is likely\u003Cbr \/\u003Eto impact a wide audience.\u003C\/p\u003E\n\u003Cp\u003EIn this talk, I show two new security applications of binary code\u003Cbr \/\u003Eanalysis: automatic patch-based exploit generation, and automatic\u003Cbr \/\u003Einput filter generation. In this first part, I show how binary\u003Cbr \/\u003Eanalysis can be used to automatically generate exploits based upon\u003Cbr \/\u003Epatches released from Windows Update.\u00a0 An immediate consequence of\u003Cbr \/\u003Ethis line of research is that many current vendor patching practices\u003Cbr \/\u003Eare insecure because they allow attackers to create new exploits\u003Cbr \/\u003Ebefore all vulnerable hosts can receive a patch. All is not lost,\u003Cbr \/\u003Ehowever. In the second part of this talk, I show how to defend against\u003Cbr \/\u003Eexploits by automatically generating input filters. Input filters\u003Cbr \/\u003Eremove exploits from the input stream, thus allowing the vulnerable\u003Cbr \/\u003Eapplication to continue to operate normally even under attack. The\u003Cbr \/\u003Egenerated input filters are guaranteed to only filter out exploits,\u003Cbr \/\u003Ethus safe to automatically deploy.\u003C\/p\u003E\n\u003Cp\u003E\u003Cstrong\u003EBio:\u003C\/strong\u003E David Brumley is a PhD student in Computer Science at Carnegie Mellon\u003Cbr \/\u003EUniversity.\u00a0 His current work focuses on software security. His\u003Cbr \/\u003Eresearch and interests also include all areas of security, as well as\u003Cbr \/\u003Eprogramming languages, compilers, formal methods, and systems. He is a\u003Cbr \/\u003Erecipient of the Symantec Research Fellowship Award for 2007. His\u003Cbr \/\u003Eresearch has won several awards, including 2 best paper awards at\u003Cbr \/\u003Etop-tier security conferences.\u003C\/p\u003E\n\u003Cp\u003E\u003C\/p\u003E","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":"","field_summary_sentence":"","uid":"27154","created_gmt":"2010-02-11 15:57:53","changed_gmt":"2016-10-08 01:50:09","author":"Louise Russo","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2008-03-06T10:00:00-05:00","event_time_end":"2008-03-06T11:00:00-05:00","event_time_end_last":"2008-03-06T11:00:00-05:00","gmt_time_start":"2008-03-06 15:00:00","gmt_time_end":"2008-03-06 16:00:00","gmt_time_end_last":"2008-03-06 16:00:00","rrule":null,"timezone":"America\/New_York"},"extras":[],"groups":[{"id":"47223","name":"College of Computing"}],"categories":[],"keywords":[],"core_research_areas":[],"news_room_topics":[],"event_categories":[],"invited_audience":[],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[{"value":"Shanita Williams","format":"limited_html"}],"email":[],"slides":[],"orientation":[],"userdata":""}}}