| Fifth Language-theoretic Security (LangSec) IEEE Security & Privacy Workshop |
Preliminary Program |
| 7:30-8:30am | Breakfast |
| 9am-9:15am | Opening Words from the Organizers |
| 9:15-10:15am | Keynote: Mike Walker, "Persuasive Language for Language Security: Making the case for software safety." |
| 10:15-10:45am | Morning Coffee Break |
| 10:45am-12:30pm | First Session: Papers (Session chair: Meredith L. Patterson) |
| Keith Irwin, "Redesigning Secure Protocols to Compel Grammatical Compliance Checking." |
| Jayakrishna Menon, Christophe Hauser, Yan Shoshitaischvili, and Stephen Schwab. "A binary analysis approach to retrofit security in input parsing routines." |
| Rodrigo Branco, Kekai Hu, Henrique Kawakami, and Ke Sun. "A Mathematical Model of Exploitation and Mitigation Techniques Using Set Theory". |
| Erik Poll, "LangSec revisited: input security flaws of the second kind." |
| 12:30-1:30pm | Lunch |
| 1:30-3:15pm | Second Session: Invited talks (Session chair: Julien Vanegue) |
| Julien Vanegue, "The Automated Exploitation Grand Challenge: A Five-Year Retrospective." |
| Thoman Dullien, "State machines, intended, emergent, and unintended computation." |
| Gang Tan, "Bidirectional and executable specifications of machine code decoding and encoding." |
| Ben Delaware, "Using verified parsers and serializers to build format-aware fuzzers" |
| 3:15-3:45pm | Afternoon Coffee Break |
| 4:00-5:45pm | Third Session: Industry Case Studies, Work-in-progress |
| Mark Tullsen, "Challenges and Possibilities for Secure ASN.1 Encoders and Decoders." |
| Joey Dodds, "Comprehensive Language and Protocol Verification at Galois." |
| Adam Crain, Prashant Anantharaman, "LangSec for Critical Infrastructure: SSP21, a secure lightweight SCADA protocol" |
| Joe Rozner, "Building a Re-targetable Grammar Based Fuzzer." |
|
| The LangSec Roundtable. "2018: Have we reached peak LangSec yet?" |
| 5:45-6pm | Thanks & Further Research Directions |