[Busec] tomorrow at 11: Kangjie Lu

Leonid Reyzin reyzin at cs.bu.edu
Thu Mar 16 17:37:55 EDT 2017

Friday March 17 at 11 am in MCS Room 180 (Hariri Seminar Room)


Kangjie Lu, Georgia Tech


Securing Modern Systems by Preventing Information Leaks


Widely used systems such as operating systems are implemented in
unsafe programming languages for efficiency, and system designers
often prioritize performance over security. Hence, these foundational
systems inherently suffer from a variety of vulnerabilities and
insecure designs that have been exploited by adversaries to launch
critical system attacks. Two typical goals of these attacks are to
leak sensitive data and to control victim systems.

In this talk, I will first explain why, in modern systems, preventing
information leaks can be a general defense that not only stops data
leaks but also defeats control attacks. Then, I will present three
ways to prevent information leaks: eliminating information-leak
vulnerabilities in code, re-designing system mechanisms against
information leaks, and protecting certain sensitive data from
information leaks. Correspondingly, I have developed three tools,
which impose negligible performance overhead while automatically and
reliably securing complex systems. In the end, I will discuss how to
secure both widely used and emerging systems in various dimensions.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/busec/attachments/20170316/23e8f8d5/attachment.html>

More information about the Busec mailing list