Eliminating Input-Based Attacks by Deriving Automated Encoders and Decoders from Context-Free Grammars
Offered By: IEEE via YouTube
Course Description
Overview
Explore a 25-minute IEEE conference talk that delves into eliminating input-based attacks through automated encoder and decoder derivation from context-free grammars. Learn about McHammerCoder, an innovative (un)parser and encoding generator supporting both textual and binary languages. Discover how this tool automatically applies generated encodings derived from language grammars, effectively preventing injections without manual encoding definition. Gain insights into improving software system security by addressing vulnerabilities arising from complex communication languages, including arbitrary code execution and cross-site scripting in HTML and JSON. Understand the importance of correct parsing and unparsing in developing secure and reliable systems, and how McHammerCoder provides developers with proper input and output handling code for custom languages.
Syllabus
Eliminating Input-Based Attacks by Deriving Encoders and Decoders from CFGs
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network