Self-defending software: Automatically patching security vulnerabilities
Invitation to the talk by Prof. Michael Ernst

This talk presents ClearView, a system that automatically creates patches for previously unknown security vulnerabilities in commercial off-the-shelf software. The patched program survives otherwise fatal attacks, and it provides uninterrupted service both during and after attacks. ClearView first observes normal executions to learn the program's intended behavior. ClearView then correlates violations of this behavior with attacks by using an attack detector and run-time checking of the behavior. ClearView converts the behavior differences into patches that may repair the behavior violation and eliminate the exploited vulnerability. Finally, ClearView dynamically evaluates each patch, distributing the most successful one. ClearView was evaluated by being attacked by a hostile external Red Team. The result indicates that ClearView can successfully and automatically eliminate otherwise exploitable vulnerabilities in stripped Windows binaries.
Time:
Location:
Griesbaum, 31.10.2008