LangSec Workshop

at IEEE Security & Privacy, May 26th, 2022

Workshop program

Eighth Language-theoretic Security (LangSec) IEEE Security & Privacy Workshop

Preliminary Program (All times are in US Pacific time)

8:30-8:40amOpening Words from the Organizers
8:40-9:40am Keynote (Session chair: Sergey Bratus): Trojan Source and Bad Characters: Invisible Hacks and Reluctant Patching. Ross Anderson and Nicholas Boucher (U. of Cambridge)
9:40-10:10am Coffee break
10:10-11:50am First Session: Research papers with in-person presentations (Session chair: Julien Vanegue)
"Anomaly Detection with Neural Parsers That Never Reject". Alexander Grushin and Walt Woods (Galois Inc.).
"Statistical Detection of Format Dialects Using the Weighted Dowker Complex". Michael Robinson (American University), Letitia W. Li (BAE Systems), Cory Anderson (BAE Systems), and Steve Huntsman.
"Certified Parsing of Dependent Regular Grammars". John Sarracino (Cornell), Gang Tan (Penn State), and Greg Morrisett (Cornell).
"A Secure Parser Generation Framework for IoT Protocols on Microcontrollers". Sameed Ali and Sean Smith (Dartmouth).
"A Format-Aware Reducer for Scriptable Rewriting of PDF Files". Prashant Anantharaman (Dartmouth), Steven Cheung (SRI International), Nicholas Boorman (SRI International), and Michael E. Locasto (Narf Industries).
11:50am-1:00pm Lunch Break
1:00-1:40pmSecond Session: Research reports and WIP with in-person presentations (Session chair: Meredith L. Patterson)
"Strengthening Weak Links in the PDF Trust Chain". Mark Tullsen (Galois Inc.), William Harris (Galois Inc.), and Peter Wyatt (PDF Association).
"Progress on Building a File Observatory for Secure Parser Development". Tim Allison, Wayne Burke, Dustin Graf, Chris Mattmann, Anastasija Mensikova, Mike Milano, Philip Southam, Ryan Stonebraker (Jet Propulsion Laboratory).
"WIP: Input synthesis for data-dependent grammars". Simon Winwood and Mike Dodds (Galois Inc.) (1:30-1:40pm).
1:40-2:40pm Research Panel
"Devising a Blueprint to Eliminate Early-Stage Differentials". Letitia Li, Andrew Holmes, Sophia D'Antoine, Leonard Rosenthal, Sanford Bingham. Moderated by Prashant Anantharaman (Dartmouth).
2:40-3:00pm Refreshment Break
3:00-4:00pmKeynote (Session chair: Gary Tan): What is a Secure Programming Language? by Cristina Cifuentes, Oracle.
4:00-4:10pm Short Break
4:10-4:55pmThird Session: Virtual presentations (Session chair: Sergey Bratus)
"Capturing the iccMAX calculator Element: A Case Study on Format Design". Vijay Kothari, Prashant Anantharaman, Sean Smith (Dartmouth), Briland Hitaj, Prashanth Mundkur, Natarajan Shankar (SRI International), Letitia Li (BAE Systems), Iavor Diatchki and William Harris (Galois Inc.) (4:10-4:30pm).
"Research Report: On the Feasibility of Retrofitting Operating Systems with Generated Protocol Parsers". Wayne Wang and Peter C. Johnson (Middlebury College) (4:30-4:45pm).
"WIP: Linguistic Tools for Managing Grammatical Domains". Anders Miltner (UT Austin), Devon Loehr (Princeton), Arnold Mong (Princeton), Kathleen Fisher (Tufts), David Walker (Princeton) (4:45-4:55pm).