Events

Colloquium Cyber­security: Practical Program Analysis for Secure Software

November 15, 2016, 12:00 pm – 01:00 pm

Location: TU Darmstadt | Mornewegstraße 32 | Raum 5.3.01 | Darmstadt

Speaker: Dr. Michael Pradel, TU Darmstadt

Im Rahmen des Colloquiums Cyber­security hält Dr. Michael Pradel von der TU Darmstadt einen Vortrag zum Thema: Practical Program Analysis for Secure Software.

Abstract:
Programming mistakes and malicious code lead to severe security and privacy problems.
This talk presents two practical program analyses that address such issues in widely used real-world software.
The first approach addresses the problem of code injection attacks on JavaScript applications running on the Node.js platform.
e present a combined static-dynamic program analysis that detects and prevents injections. The technique allows vulnerable modules to be used in a safe way, without requiring the modification of the Node.js platform, and it protects against attacks of vulnerable modules while imposing little overhead and inducing few false positives.
The second approach addresses Android malware that hides its malicious behavior unless it is executed in a particular environment. We present FuzzDroid, a framework for automatically generating an Android execution environment where an application exposes its malicious behavior.
The key idea is to combine an extensible set of static and dynamic analyses through a search-based algorithm that steers the application toward a configurable target location. On recent malware, the approach reaches the target location in 75% of the applications within an average time of only one minute, enabling s

Bio:
Michael Pradel leads an independent research group at TU Darmstadt.
His research interests span software engineering, programming languages, and security, with a focus on tools and techniques for building reliable, efficient, and secure software.
Previously, he has been a postdoctoral researcher at UC Berkeley, and a postdoctoral researcher and lecturer at ETH Zurich, where he received his Ph.D. in 2012. Michael graduated in computer science at TU Dresden and in engineering at Ecole Centrale Paris.
He visited EPFL to pursue his master thesis. Michael has been awarded the Software Engineering Award of the Ernst-Denert-Foundation for his dissertation and the Emmy Noether grant by the German Research Foundation (DFG).

show all events
Cornelia Reitz

Contact

Cornelia Reitz
Communication

Tel.: +49 6151 869-368
write an email

Archive

Past events can be found in our archive.