This talk centers on the program analysis approach of deriving symbolic expressions of software behavior, and then automatically reasoning about those expressions using an SMT solver. This approach has proved very powerful in security applications, because it is both precise (avoiding approximation) and flexible (the same representation can support many kinds of queries). I'll cover some examples of how we use this class of techniques in our BitBlaze and WebBlaze projects, which target the security challenges of binary software and web software respectively. First I'll discuss approaches for finding buffer overflow vulnerabilities by combining static analysis with symbolic execution, and performing quantitative information flow measurement by viewing channel capacity as a #SAT problem. In the web context, character strings are a critical data type: I'll discuss how we dealt with them in analyzing a browser feature known as "content sniffing", and in searching for client-side vulnerabilities in JavaScript code.

Links to the projects discussed in the talk (the pages in turn have links to the publications):

http://bitblaze.cs.berkeley.edu/sdse-testgen.html
http://bitblaze.cs.berkeley.edu/influence.html
http://webblaze.cs.berkeley.edu/2009/content-sniffing/
http://webblaze.cs.berkeley.edu/2010/kudzu/

Speaker: Stephen McCamant, for Dawn Song & Prateek Saxena, University of California, Berkeley, USA

Dawn Song is an associate professor of Computer Science at UC Berkeley. Prior to joining UC Berkeley, she was an Assistant Professor at Carnegie Mellon University from 2002 to 2007. Her research interest lies in security and privacy issues in computer systems and networks, including areas ranging from software security, networking security, database security, distributed systems security, to applied cryptography. She is the recipient of various awards including the MacArthur Fellowship, the Guggenheim Fellowship, the NSF CAREER Award, the Alfred P. Sloan Research Fellowship Award, the MIT Technology Review TR-35 Award, the IBM Faculty Award, the George Tallman Ladd Research Award, the Okawa Foundation Research Award, and the Li Ka Shing Foundation Women in Science Distinguished Lecture Series Award. She is also the author of multiple award papers in top security conferences, including the best paper award at the USENIX Security Symposium and the highest ranked paper at the IEEE Symposium on Security and Privacy.
