LangSec Workshop

at IEEE Security & Privacy, May 24, 2018

Workshop program

Fifth Language-theoretic Security (LangSec) IEEE Security & Privacy Workshop

Preliminary Program

7:30-8:30amBreakfast
9am-9:15amOpening Words from the Organizers
9:15-10:15am Keynote: Mike Walker, "Persuasive Language for Language Security: Making the case for software safety."
10:15-10:45am Morning Coffee Break
10:45am-12:30pm First Session: Papers
Keith Irwin, "Redesigning Secure Protocols to Compel Grammatical Compliance Checking."
Jayakrishna Menon, Christophe Hauser, Yan Shoshitaischvili, and Stephen Schwab. "A binary analysis approach to retrofit security in input parsing routines."
Rodrigo Branco, Kekai Hu, Henrique Kawakami, and Ke Sun. "A Mathematical Model of Exploitation and Mitigation Techniques Using Set Theory".
Erik Poll, "LangSec revisited: input security flaws of the second kind."
12:30-1:30pm Lunch
1:30-3:15pmSecond Session: Invited talks (Session chair: Julien Vanegue)
Julien Vanegue, "The Automated Exploitation Grand Challenge: A Five-Year Retrospective."
Thoman Dullien, "State machines, intended, emergent, and unintended computation."
Gang Tan, "Bidirectional and executable specifications of machine code decoding and encoding."
Ben Delaware, "Using verified parsers and serializers to build format-aware fuzzers"
3:15-3:45pm Afternoon Coffee Break
3:45-5:30pmThird Session: Industry Case Studies, Work-in-progress
Mark Tullsen, "Challenges and Possibilities for Secure ASN.1 Encoders and Decoders."
Joey Dodds, "Comprehensive Language and Protocol Verification at Galois."
Adam Crain, Prashant Anantharaman, "LangSec for Critical Infrastructure: SSP21, a secure lightweight SCADA protocol"
Travis Goodspeed, "Unicode: What's in a string? A rose by any other name---or does is?"
Joe Rozner, "Building a Re-targetable Grammar Based Fuzzer."

The LangSec Roundtable. "2018: Have we reached peak LangSec yet?"
5:30-6pm Thanks & Further Research Directions