YoVDO

Eliminating Input-Based Attacks by Deriving Automated Encoders and Decoders from Context-Free Grammars

Offered By: IEEE via YouTube

Tags

IEEE Symposium on Security and Privacy Courses Software Development Courses Cybersecurity Courses Context-Free Grammars Courses

Course Description

Overview

Explore a 25-minute IEEE conference talk that delves into eliminating input-based attacks through automated encoder and decoder derivation from context-free grammars. Learn about McHammerCoder, an innovative (un)parser and encoding generator supporting both textual and binary languages. Discover how this tool automatically applies generated encodings derived from language grammars, effectively preventing injections without manual encoding definition. Gain insights into improving software system security by addressing vulnerabilities arising from complex communication languages, including arbitrary code execution and cross-site scripting in HTML and JSON. Understand the importance of correct parsing and unparsing in developing secure and reliable systems, and how McHammerCoder provides developers with proper input and output handling code for custom languages.

Syllabus

Eliminating Input-Based Attacks by Deriving Encoders and Decoders from CFGs


Taught by

IEEE Symposium on Security and Privacy

Tags

Related Courses

Automata Theory
Stanford University via edX
Theory of Computation
Indian Institute of Technology Kanpur via Swayam
Introduction to Automata, Languages and Computation
Indian Institute of Technology, Kharagpur via Swayam
Theory of Computation
YouTube
Theory of Computation
NPTEL via YouTube