Explore a 16-minute IEEE conference talk on detecting Regular Expression Denial of Service (ReDoS) vulnerabilities through advanced modeling and exploit generation techniques. Delve into the research conducted by an international team of experts from the Institute of Information Engineering, Chinese Academy of Sciences, Nanyang Technological University, and Shenzhen University. Learn about their principled approach to vulnerability modeling and how it enhances the effectiveness of ReDoS detection. Gain insights into the methodologies used for exploit generation and their impact on identifying potential security risks in regular expression implementations.
Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation
Overview
Syllabus
Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
-
Revealer- Detecting and Exploiting Regular Expression Denial-of-Service Vulnerabilities
-
SyzDescribe - Principled, Automated, Static Generation of Syscall Descriptions for Kernel Drivers
-
Using Selective Memoization to Defeat Regular Expression Denial of Service - ReDoS
-
Exploit the Last Straw That Breaks Android Systems
-
Runtime Recovery of Web Applications under Zero-Day ReDoS Attacks
-
Scaling JavaScript Abstract Interpretation to Detect and Exploit Node.js Taint-style Vulnerability
