PhD Defense by David Dewey

*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************

Event Details
  • Date/Time:
    • Monday August 10, 2015 - Tuesday August 11, 2015
      11:00 am - 12:59 pm
  • Location: Klaus 3126 (GTISC war room)
  • Phone:
  • URL:
  • Email:
  • Fee(s):
    N/A
  • Extras:
Contact
No contact information submitted.
Summaries

Summary Sentence: FINDING AND REMEDYING HIGH-LEVEL SECURITY ISSUES IN BINARY CODE

Full Summary: No summary paragraph submitted.

Title: FINDING AND REMEDYING HIGH-LEVEL SECURITY ISSUES IN BINARY CODE

 

David Dewey

School of Computer Science

College of Computing

Georgia Institute of Technology

 

Date: Monday, August 10, 2015

Time: 11:00am - 1:00pm EDT

Location: Klaus 3126 (GTISC war room)

 

Committee:

Dr. Patrick Traynor (Advisor, School of Computer Science, Georgia Tech) Dr. Mustaque Ahamad (School of Computer Science, Georgia Tech) Dr. Sasha Boldyreva (School of Computer Science, Georgia Tech) Dr. William Harris (School of Computer Science, Georgia Tech) Dr. Jonathon Giffin (Senior Software Engineering, Fortify Software, an HP Company)

 

 

Abstract:

 

C++ and Microsoft's Component Object Model (COM) are examples of a

C++ high-level language

and development framework that were built on top of the lower-level, primitive language, C. C was never designed to support concepts like object orientation, type enforcement, and language independence. Further, these languages and frameworks are designed to compile and run directly on the processor where these concepts are also not supported. Other high-level languages that do support these concepts make use of a runtime or virtual machine to create a computing model to suit their needs. By forcing these high-level concepts into a primitive computing model, many security issues have been introduced. Existing binarylevel security analysis tools and runtime enforcement frameworks operate at the lowest level of context. As such, they struggle to detect and remedy higher-level security issues. In this dissertation, a framework for elevating the context of binary code is presented. By bringing the context for analysis closer to where these security issues are introduced, this framework allows for higher-level analyses and enforcement frameworks to be developed.

Additional Information

In Campus Calendar
No
Groups

Graduate Studies

Invited Audience
Public
Categories
Other/Miscellaneous
Keywords
Phd Defense
Status
  • Created By: Tatianna Richardson
  • Workflow Status: Published
  • Created On: Jul 27, 2015 - 10:14am
  • Last Updated: Oct 7, 2016 - 10:12pm