Eliminating Input-Based Attacks by Deriving Automated Encoders and Decoders from Context-Free Grammars
Offered By: IEEE via YouTube
Course Description
Overview
Explore a 25-minute IEEE conference talk that delves into eliminating input-based attacks through automated encoder and decoder derivation from context-free grammars. Learn about McHammerCoder, an innovative (un)parser and encoding generator supporting both textual and binary languages. Discover how this tool automatically applies generated encodings derived from language grammars, effectively preventing injections without manual encoding definition. Gain insights into improving software system security by addressing vulnerabilities arising from complex communication languages, including arbitrary code execution and cross-site scripting in HTML and JSON. Understand the importance of correct parsing and unparsing in developing secure and reliable systems, and how McHammerCoder provides developers with proper input and output handling code for custom languages.
Syllabus
Eliminating Input-Based Attacks by Deriving Encoders and Decoders from CFGs
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Automata TheoryStanford University via edX Theory of Computation
Indian Institute of Technology Kanpur via Swayam Introduction to Automata, Languages and Computation
Indian Institute of Technology, Kharagpur via Swayam Theory of Computation
YouTube Theory of Computation
NPTEL via YouTube