CIDRE weekly seminars

CIDRE weekly seminars

Zimbra’s calendar : link

Upcoming seminars


Monday 9 March 2020 – CentraleSupelec – 10h

Emmanuel Fleury

Binary Code Analysis: What’s new and What’s next?

Talk Outline

Binary code analysis appeared around the year 2000, with the raise of fuzzing tools and SMT-solvers, it grew up as a research domain since then. We will introduce the domain of binary code analysis with its limitations, present recent discoveries in fuzzing techniques and in symbolic execution and see how they can be combined to improve binary code analysis in the next few years.

Bio
Emmanuel Fleury is an associate professor at Bordeaux University since 2005. He took part to the development of the Insight binary analysis tool and to the BINCOA project around 2008-2012. He is in charge of the computer security part of the Master of Cryptology and Computer Security at University of Bordeaux and teach computer security and reverse-engineering there.

Past seminars


Tuesday 13 Februrary 2020 – Inria – 14h

Mathilde Ollivier

How to kill symbolic deobfuscation for free

Talk Outline

Code obfuscation is a major tool for protecting software intellectual property from attacks such as reverse engineering or code tampering. Yet, recently proposed (automated) attacks based on Dynamic Symbolic Execution (DSE) shows very promising results, hence threatening software integrity. Current defenses are not fully satisfactory, being either not efficient against symbolic reasoning, or affecting runtime performance too much, or being too easy to spot. We present and study a new class of anti-DSE protections coined as path-oriented protections targeting the weakest spot of DSE, namely path exploration. We propose a lightweight, efficient, resistant and analytically proved class of obfuscation algorithms designed to hinder DSE-based attacks. Extensive evaluation demonstrates that these approaches critically counter symbolic deobfuscation while yielding only a very slight overhead.

Bio
Mathilde Ollivier, en 3ème année de thèse au CEA Saclay. J’étudie l’exécution symbolique dynamique et ses applications dans le domaine de l’obfuscation.


Friday 31 January 2020 – CentraleSupélec – 10h

Julia Lawall

Coccinelle: 10 Years of Automated Evolution in the Linux Kernel

Talk Outline

The Coccinelle C-program matching and transformation tool was first released in 2008 to facilitate specification and automation in the evolution of Linux kernel code. Coccinelle allows software developers to write code manipulation rules in terms of the code structure itself, via a generalization of the patch syntax. Over the years, Coccinelle has been extensively used in Linux kernel development, resulting in almost 8000 commits to the Linux kernel, and has found its place as part of the Linux kernel development process. This talk gives an overview of the impact of Coccinelle on Linux kernel development and the features of Coccinelle that have made it possible. We will briefly present two more recent tools, Prequel and Spinfer, that build on Coccinelle to help developers better benefit from the information found in software change histories.

Bio
Julia Lawall is a senior researcher at Inria-Paris, working at the intersection of programming languages, software engineering, and systems. She also contributes to the Linux kernel based on the results of her research.

This work is done in collaboration with Gilles Muller.


Thursday 12 December 2019 – Inria- 14h

Mathieu Escouteloup

Sécurité de la microarchitecture des CPUs

Résumé

La découverte des attaques de type Spectre et Meltdown, et de leurs nombreuses variantes depuis, a mis en évidence la possibilité d’exploiter la microarchitecture des CPUs afin d’exfiltrer des données. La complexité des mécanismes remis en cause rend l’application de simples patches finalement peu efficace. Nous verrons donc pourquoi il est nécessaire d’intégrer des contraintes de sécurité dès la conception, et quel nouveau rôle doit jouer le jeu d’instructions.

Bio

Diplômé dans le domaine de la microélectronique, Mathieu est actuellement en thèse depuis octobre 2018 au sein de l’équipe CIDRE. Il s’intéresse à la sécurité des composantes matériels des systèmes, et plus particulièrement de la microarchitecture des CPUs.

 

Click here to reveal 2019 past seminars

Click here to reveal 2018 past seminars

Comments are closed.