Explore the critical topic of Regular Expression Denial-of-Service (ReDoS) vulnerabilities in this 15-minute IEEE conference talk. Gain insights into the challenges of detecting and exploiting these vulnerabilities, learn about the Revealer tool, and understand vulnerable patterns in regular expressions. Discover the process of exploit generation and its potential impact on system security. Examine experimental results and grasp the significance of addressing ReDoS vulnerabilities in software development and security practices.
Revealer- Detecting and Exploiting Regular Expression Denial-of-Service Vulnerabilities
Overview
Syllabus
Introduction
Challenges
Response
Enfa
StaticVulnerable Patterns
Exploit Generation
Experiment
Experiments
Impact
Summary
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
-
Using Selective Memoization to Defeat Regular Expression Denial of Service - ReDoS
-
Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation
-
Oh No! My Regex Is Causing a Denial of Service! What Can I Do About It?
-
Towards an Effective Method of ReDoS Detection for Non-backtracking Engines
-
Denial of Service with a Fistful of Packets - Exploiting Algorithmic Complexity Vulnerabilities
