Blog Archives

Invited Talk @ UBC – An 18th-century Mathematician, a $336 Million Patent, and Software Experimentation

Abstract: What does software experimentation have to do with an 18th-century Swiss mathematician? Come hear the story that starts with Leonhard Euler, progresses to a software patent worth hundreds of millions, and ends with new ideas for experiment-driven software engineering. The construction of software usually involves many people and programs that need to be maintained […]

Categories: Talks

SecDSM – Recent Trends in Program Analysis for Bug Hunting and Exploitation

Abstract: Software is pervasive, and for better or worse, it now controls most of our daily lives. Developing and maintaining secure software is of the utmost importance, but it seems that despite our best efforts we just haven’t gotten it right yet. More importantly, we should ask ourselves: why haven’t we solved this problem yet? This […]

Categories: Talks

Derbycon 7 – JReFrameworker: One Year Later

Abstract: JReFrameworker is a Java bytecode manipulation tool released at DEFCON 24 that lowers the barrier to entry for developing Managed Code Rootkits in the Java Virtual Machine. Bytecode manipulations are written entirely in source code, removing the need for any prerequisite knowledge of bytecode internals and allowing anyone with a basic working knowledge of […]

Categories: Talks

MathWorks 2017 Research Summit – Demystifying Cybersecurity for CPS Community

Abstract: It is challenging for the cyber-physical systems (CPS) community to understand the essentials of cybersecurity. Jargon such as “Security Patch” or the “Kill Switch for WannaCry” is at best oversimplified and too superficial to convey essential cybersecurity knowledge. Cybersecurity problems are often rooted in the complex CPS software. For the CPS community, the challenge is to understand […]

Categories: Talks

2017 ACSS Conference Keynote Talk – Euler, the 336 Million Dollar Software Patent: Reflecting on How to Solve Hard Software Problems

Abstract: The size and complexity of software, the labor cost of programming, and the dire consequences of software malfunction have made it a nightmare to maintain software-intensive cyber-physical systems. Agile development, programming languages, component libraries, etc. help, but they do not suffice to ensure correctness and cost-effective maintenance of complex software. The central question is: […]

Categories: Talks

ISU Cybersecurity Seminar Series – Exploring the space in between bugs and malware

Abstract: We live in an age of software problems with catastrophic consequences. An extra goto in Apple’s SSL implementation compromised certificate checks for the better part of a year. An erroneous integer conversion in the Ariane 5 launch destroyed the European Space Agency rocket and its cargo valued at 500 million dollars. Often the problem […]

Categories: Talks

IASTATE/ECPE 2016 – Euler, the 336 Million Dollar Software Patent, and Reflecting on How to Solve Hard Software Problems

Abstract: The size and complexity of software, the labor cost of programming, and the dire consequences of software malfunctioning have made it a nightmare to maintain software-intensive cyber-physical systems. Agile development, programming languages, component libraries, etc. help, but they do not suffice to ensure correctness and cost-effective maintenance of complex software. The central question is: […]

Categories: Talks

DEFCON 24 – Developing Managed Code Rootkits for the Java Runtime Environment

Abstract: Managed Code Rootkits (MCRs) are terrifying post-exploitation attacks that open the doors for cementing and expanding a foothold in a target network. While the concept isn’t new, practical tools for developing MCRs don’t currently exist. Erez Metula released ReFrameworker in 2010 with the ability to inject attack modules into the C# runtime, paving the […]

Categories: Talks

AICSSC 2014 – Euler and the 336 million dollar software patent

The keynote speech “Euler and the 336 million dollar software patent” was given by Dr. Suresh Kothari.
Venue: All India IEEE Computer Society Student Congress 2014 (AICSSC), Pune, India, December 13, 2014
Author: Suresh Kothari

Categories: Talks

INDICON 2014 – Cyber bombs are ticking, what is there to protect us

The keynote speech “Cyber bombs are ticking, what is there to protect us” was given by Dr. Suresh Kothari.
Venue: The 11th IEEE India Conference for Emerging Trends and Innovation in Technology (INDICON 2014), December 11-13, 2014, Yashada, Pune, India
Author: Suresh Kothari

Categories: Talks