LangSec Workshop

at IEEE Security & Privacy, Thursday May 25, 2017

Workshop program

Fourth Language-theoretic Security (LangSec) IEEE Security & Privacy Workshop

Preliminary Program

7:30-8:30amBreakfast
9am-9:15amOpening Words from the Organizers
9:15-10:15am Keynote: Perry Metzger, "Slow But Steady: Achieving Real Security Within Two Decades"
10:15-10:45am Morning Coffee Break
10:45am-12:30pm First Session: Papers
Stefan Lucks, Norina Grosch and Joshua Koenig, "Taming the Length Field in Binary Data: Calc-Regular Languages"
Pierre Chifflier and Geoffroy Couprie, "Writing parsers like it is 2017"
Tobias Bieschke, Lars Hermerschmidt, Bernhard Rumpe and Peter Stanchev, "Eliminating Input-Based Attacks by Deriving Automated Encoders and Decoders from Context-free Grammars"
Yi Lu, Sora Bae, Paddy Krishnan, and Raghavendra K.R., "Inference of Security-Sensitive Entities in Libraries"
12:30-1:30pm Lunch
1:30-3:15pmSecond Session: Research Reports
Kit S Tse and Peter C Johnson, "A Framework for Validating Session Protocols"
Prashant Anantharaman, Michael Locasto, Gabriela F. Ciocarlie and Ulf Lindqvist, "Building Hardened Internet-of-Things Clients with Language-theoretic Security"
Jacob Torrey, Mark Bridgman and Tomasz Tuzel, "Hardware-Enforcement of Walther-Recursive Program Functions"
Andrei Costin, "Lua Code: Security Overview and Practical Approaches to Static Analysis"
Aniqua Z. Baset, Tamara Denning, "IDE Plugins for Detecting Input-Validation Vulnerabilities"
3:15-3:45pm Afternoon Coffee Break
3:45-5:30pmThird Session: Invited Presentations, Industry Case Studies
Lee Pike, "Programming Languages for High-Assurance Vehicles"
Richo Healey, Dominic Spill, "Embedded Nom: a case study of memory-safe parsing in resource constrained environments"
Alex Bazhaniuk, "How the BIOS assures its handling of inputs"

The LangSec Roundtable: Was 2016 the Year of LangSec Bugs?
5:30-6pm Thanks & Further Research Directions