Oregon State University

Calendar

Calendars

Event Details

Colloquium: Securing Software at the Binary Level


Friday, March 9, 2012 9:40 AM - 11:00 AM

Stephen McCamant, Research Scientist
University of California, Berkeley

Analyzing software at the binary (machine code) level can improve accuracy and provide language-independence, but a lack of source-level structure also makes analysis more challenging. Binary code analysis is especially needed in the security context, since neither malware nor vulnerable commercial software typically comes with source code. In this talk I'll describe three application areas in which program analysis techniques can make our software systems more secure, and in which the binary-level perspective is fruitful. First I'll show how to transform programs at the instruction level to enforce a security (module isolation) policy, such as for a web-browser plugin. Second, I'll tell how to measure a program's adherence to a quantitative information-flow policy to avoid revealing too much private information. Third, I'll use symbolic execution to generate test cases that reveal incorrect behavior in CPU emulators. I'll also discuss what I see as some of the most interesting directions for future applications of binary analysis to security, including better recovery of structural information.

Additional info: http://eecs.oregonstate.edu/colloquium-series


Kelley Engineering Center (campus map)
1007
Weng-Keen Wong
1 541 737 4544
wong at eecs.oregonstate.edu
Sch Elect Engr/Comp Sci
This event appears on the following calendars: