Skip to content
Licensed Unlicensed Requires Authentication Published by De Gruyter Oldenbourg January 17, 2017

Exploitation as code reuse: On the need of formalization

  • Sergey Bratus

    Sergey Bratus is a Research Associate Professor of Computer Science at Dartmouth College. Sergey is a member of the LangSec.org project that seeks to eliminate large classes of bugs related to input handling, and worked with industrial control systems stakeholders to develop architectural protections for ICS/SCADA systems and protocols. He has a Ph.D. in Mathematics from Northeastern University.

    Dartmouth College, Institute for Security, Technology, and Society, Hanover, NH 03755, United States of America

    EMAIL logo
    and Anna Shubina

    Anna Shubina is a post-doctoral research associate at the Dartmouth Institute for Security, Technology, and Society. Anna was the operator of Dartmouth's Tor exit node when the Tor network had about 30 nodes total. She currently manages the CRAWDAD.org repository of traces and data for all kinds of wireless and sensor network research.

    Dartmouth College, Institute for Security, Technology, and Society, Hanover, NH 03755, United States of America

Abstract

This position paper discusses the need for modeling exploit computations and discusses possible formal approaches to it.

About the authors

Sergey Bratus

Sergey Bratus is a Research Associate Professor of Computer Science at Dartmouth College. Sergey is a member of the LangSec.org project that seeks to eliminate large classes of bugs related to input handling, and worked with industrial control systems stakeholders to develop architectural protections for ICS/SCADA systems and protocols. He has a Ph.D. in Mathematics from Northeastern University.

Dartmouth College, Institute for Security, Technology, and Society, Hanover, NH 03755, United States of America

Anna Shubina

Anna Shubina is a post-doctoral research associate at the Dartmouth Institute for Security, Technology, and Society. Anna was the operator of Dartmouth's Tor exit node when the Tor network had about 30 nodes total. She currently manages the CRAWDAD.org repository of traces and data for all kinds of wireless and sensor network research.

Dartmouth College, Institute for Security, Technology, and Society, Hanover, NH 03755, United States of America

Acknowledgement

The authors gratefully acknowledge many helpful discussions with Felix `FX' Lindner, Julien Vanegue, and Thomas Dullien about the phenomenon of exploitation and its generalizations. The authors are also greatly indebted to Meredith L. Patterson and Len Sassaman who pioneered the language-theoretic and computation-theoretic view of security and exploitation.

Received: 2016-8-9
Revised: 2016-11-19
Accepted: 2016-12-14
Published Online: 2017-1-17
Published in Print: 2017-4-20

©2017 Walter de Gruyter Berlin/Boston

Downloaded on 29.3.2024 from https://www.degruyter.com/document/doi/10.1515/itit-2016-0038/html
Scroll to top button