Tenth LangSec Workshop

at IEEE Security & Privacy, May 23, 2024

Workshop program

Tenth Language-theoretic Security (LangSec) IEEE Security & Privacy Workshop

Preliminary Program (All times are in US Pacific time)

8:30-8:40amOpening Words from the Organizers
8:40-9:40amKeynote (Session chair: Sergey Bratus): Towards Language-Theoretic Security for Dynamic Documents. Will Crichton and Shriram Krishnamurthi (Brown University)
9:40-10:00amARPA-H Invited Talk: Medical Data Expression: Unlocking the Next Generation of Healthcare AI. Andrew Carney (ARPA-H)
10:20am-12:00pmFirst Session: Research Papers (Session chair: Julien Vanegue)
Vulnerability Flow Type Systems. Mohsen Lesani (UC Santa Cruz)
Weird Machines in Package Managers: A Case Study of Input Language Complexity and Emergent Execution in Software Systems. Sameed Ali, Sean Smith (Dartmouth College) and Michael E. Locasto (NARF Industries)
Robust Verification of PEG Parser Interpreters. Zephyr Lucas (Dartmouth College) and Natarajan Shankar (SRI)
Research Report: An Optim(l) Approach to Parsing Random-Access Formats. Mark Tullsen, Sam Cowger, Mike Dodds (Galois, Inc.) and Peter Wyatt (PDF Association)
1:00-1:30pmPoster Session
FusionProbe: A Look Into The Utility Of Fusing Static & Dynamic Analysis, Rodrigo Branco, Imani Palmer, Rob Adams and Edmond Rogers;
On the Effectiveness of Intel's CAT as a Side Channel Mitigation, Pawel Wieczorkiewicz, Rodrigo Branco, and Ben Lee
1:30-2:30pmKeynote (Session chair: Rodrigo Branco): Beyond LogoFAIL: The Stubborn Security Challenge of Parser Vulnerabilities. Alex Matrosov (Binarly.io)
2:30-2:40pm Short Break
2:40-3.30pm Second Session: Invited Talks (Session chair: Sean W. Smith)
ParDiff: Practical Static Differential Analysis of Network Protocol Parsers. Mingwei Zheng & Xiangyu Zhang (Purdue Univerity)
Security Challenges of Parsing Differentials on the Web. Bahruz Jabiyev (Dartmouth College)
3:30-3:50pmAfternoon Break
3:50-5:00pmThird Session: Research Reports (15 mins) and Work-in-Progress (10 mins) (Session chair: Sergey Bratus)
Research Report: Not All Specifications Are Created Equal. Meng Xu (University of Waterloo)
Parsing, Performance, and Pareto in Data Stream Security. J Peter Brady and Sean W Smith (Dartmouth College)
Research Report: Enhanced eBPF Verification and eBPF-based Runtime Safety Protection. Guang Jin, Jason Li and Greg Briskin (Trusted Science & Technology)
Research Report: Testing and Evaluating Artificial Intelligence Applications. Paul Lintilhac, Joshua Ackerman and George Cybenko (Dartmouth College()
Work-in-progress Presentations:
On the Idea of Risk And Input Complexity: Embracing Insecurity Using Weird Machines Theory to Measure Attack Surfaces. Froylan Maldonado and Matthew Levy (NIWC)
Real-World Threats From In-Use “Blind Random” Block Corruption. Rodrigo Branco and Shay Gueron
5:00-5:20pmBug of the Year Awards and closing words from organizers