Description
By interpreting terms as distributions over strings, Abadi and Rogaway proved under suitable assumptions that indistinguishability in the computational setting, accepted as the impossibility for an observer to acquire knowledge from observing a protocol execution, is equivalent to formal equivalence in a symbolic setting. This result led to multiple results on “deciding knowledge” using static equivalence.
I will present how this equivalence between a real and a formal setting can be leveraged to synthesize an anomaly detection system that constructs a monitor learned by observing the real traffic in a network.
Next sessions
-
The Design and Implementation of a Virtual Firmware Monitor
Speaker : Charly Castes - EPFL
Low level software is often granted high privilege, yet this need not be the case. Although vendor firmware plays a critical role in the operation and management of the machine, most of its functionality does not require unfettered access to security critical software and data. In this paper we demonstrate that vendor firmware can be safely and efficiently deprivileged, decoupling its[…]-
SoSysec
-
Compartmentalization
-
Operating system and virtualization
-