Institute of Computer Languages
Compilers and Languages Group

Talks 2015 - Michael Franz

Der Arbeitsbereich für Programmiersprachen und Übersetzer am Institut für Computersprachen lädt zu folgendem Vortrag ein:

Prof. Dr. Michael Franz

University of California, Irvine, CA, USA

über

Software Defenses Inspired by Biodiversity

Datum: Freitag, den 20. Februar 2015
Zeit: 11:00 Uhr s.t. *)
Ort: Bibliothek E185.1, Argentinierstraße 8, 4. Stock (Mitte)
*) Tee: 10:30 Uhr in der Bibliothek E185.1, Argentinierstraße 8, 4. Stock (Mitte)

Zusammenfassung:

Today's software monoculture creates asymmetric threats. An attacker needs to find only one way in, while defenders need to guard a lot of ground. Adversaries can fully debug and perfect their attacks on their own computers, exactly replicating the environment that they will later be targeting. Software diversity raises the bar to attackers. A diversification engine automatically generates a large number of different versions of the same program, potentially one unique version for every computer. These all behave in exactly the same way from the perspective of the end-user, but they implement their functionality in subtly different ways. As a result, a specific attack will succeed on only a small fraction of targets and a large number of different attack vectors would be needed to take over a significant percentage of them. Because an attacker has no way of knowing a priori which specific attack will succeed on which specific target, this method also very significantly increases the cost of attacks directed at specific targets. We have built such a diversification engine which is now available as a prototype. We can diversify large software distributions such as the Firefox and Chromium web browsers or a complete Linux distribution. Some preliminary insights will be presented as well as some practical issues, such as the problem of reporting errors when every binary is unique.

Kurzbiographie von Michael Franz

Michael Franz is the director of the Secure Systems and Software Laboratory at the University of California, Irvine (UCI). He is a Full Professor of Computer Science in UCI's Donald Bren School of Information and Computer Sciences and a Full Professor of Electrical Engineering and Computer Science (by courtesy) in UCI's Henry Samueli School of Engineering. Prof. Franz was an early pioneer in the areas of mobile code and dynamic compilation. He created an early just-in-time compilation system, contributed to the theory and practice of continuous compilation and optimization, and co-invented the trace compilation technology that eventually became the JavaScript engine in Mozilla's Firefox browser. Franz received a Dr. sc. techn. degree in Computer Science (advisor: Niklaus Wirth) and a Dipl. Informatik-Ing. ETH degree, both from the Swiss Federal Institute of Technology, ETH Zurich. (http://www.michaelfranz.com/)

Sie möchten auf diesen Vortrag durch Aushang hinweisen? Eine druckfertige Einladung im pdf-Format dafür finden Sie hier.

Complang
   About Us
   Research
   Lehre
   Service
      Robotics
      Library
      Talks 2017
      Talks 2016
      Talks 2015
      Talks 2014
      Talks 2013
      Talks 2012
      Talks 2011
      Talks 2010
      Talks 2009
      Talks 2008
      Talks 2007
      Talks 2006
      Talks 2005
      Talks 2004
Sitemap
Contact
Fast Access:
Previous Talk
Next Talk
Faculty of Informatics
Vienna University of Technology
top | HTML 4.01 | last update: 2017-02-13 (Webmaster)