YoVDO

Quantitative Robustness for Vulnerability Assessment

Offered By: ACM SIGPLAN via YouTube

Tags

Vulnerability Assessment Courses Software Security Courses Formal Verification Courses Symbolic Execution Courses Static Analysis Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a 16-minute conference talk from PLDI 2024 that introduces a quantitative approach to robust reachability for vulnerability assessment in software. Learn about Quantitative Robust Symbolic Execution (QRSE), a novel technique that measures the difficulty of triggering bugs by considering the asymmetry between attacker-controlled and uncontrolled variables. Discover how this method improves upon traditional bug reachability analysis for security evaluation by distinguishing between mostly replicable bugs and unrealistic ones. Examine the application of functional E-MAJSAT, a variant of model counting, in the context of formal verification. Gain insights into the practical applications of this approach through security-oriented case studies, including an analysis of the real-world vulnerability CVE-2019-20839 from libvncserver.

Syllabus

[PLDI24] Quantitative Robustness for Vulnerability Assessment


Taught by

ACM SIGPLAN

Related Courses

Formal Software Verification
University System of Maryland via edX Software Analysis & Testing
Georgia Institute of Technology via Udacity Computer Systems Security
Massachusetts Institute of Technology via MIT OpenCourseWare Reverse Engineering 3201: Symbolic Analysis
OpenSecurityTraining2 via Independent angr: Binary Analysis Framework - Demonstration and Analysis
New York University (NYU) via YouTube