NISL
清华大学网络与信息安全实验室学术沙龙,欢迎关注~
This is the Paper Reading Seminar of Network and Information Security Lab (NISL) at Tsinghua University. Tune in for more details!
**时间:**2023年10月26日 14:00 - 16:00
**腾讯会议:**https://meeting.tencent.com/dm/D21J2wuXqQPV
**会议ID:**711-4428-4790
**会议密码:**231026
* 本次分享对外公开直播,线上参会者要求实名备注“姓名-单位”
Agenda
1.**【论文分享】**AnimateDead: Debloating Web Applications Using Concolic Execution
Presenter: 王恩泽
Conference: USENIX Security '23
Authors: Azad B A, Jahanshahi R, Tsoukaladelis C, et al.
Abstract: This paper propose a hybrid approach based on concolic execution, exemplified by AnimateDead, a PHP emulator. This approach uses web server logs to perform concolic reachability analysis, reducing code size by 47%, critical API calls by 55%, and vulnerabilities by 35-65%. This debloating method ensures security improvements without runtime overhead or a training phase, reducing the risk of breakage for users.
Link to paper: https://www.usenix.org/system/files/usenixsecurity23-azad.pdf
2.**【论文分享****】**Titan : Efficient Multi-target Directed Greybox Fuzzin
Presenter: 陈意扬
Conference: S&P '24
Authors: Huang H, Yao P, Hung-Chun C, et al.
Abstract: This paper presents Titan, a tool to provide multi-target directed greybox fuzzing.
Link to paper: https://5hadowblad3.github.io/files/Oakland24-Titan.pdf
# 学术沙龙问卷反馈
编辑|刘一静 黄嘉盛
来源**|NISL实验室**