At the request of Prof. N.N. Kuzyurin, I am forwarding information about a lecture by Prof.
C. Collberg, which will take place
on December 29 at 12:00 at ISP RAS (25 Alexander Solzhenitsyn Street).
Best regards,
Petrenko
=================================================
SPEAKER: Christian Collberg
University of Arizona
SPEAKER BIO:
Christian Collberg received a BSc in Computer Science and
Numerical Analysis and a Ph.D. in Computer Science from Lund
University, Sweden. He is currently an Associate Professor in the
Department of Computer Science at the University of Arizona and
has also worked at the University of Auckland, New Zealand, and
holds a position at the Chinese Academy of Sciences in Beijing,
China.
Prof. Collberg is the author of the first comprehensive textbook
on software protection, "Surreptitious Software: Obfuscation,
Watermarking, and Tamperproofing for Software Protection,"
published in Addison-Wesley's computer security series.
Prof. Collberg is a leading researcher in the intellectual
property protection of software, and also maintains an interest in
compiler and programming language research. In his spare time he
writes songs, sings, and plays guitar for The Zax and hopes one
day to finish up his Great Swedish Novel.
TITLE:
Protecting Distributed Applications Through Software Diversity
ABSTRACT:
Remote Man-at-the-end (R-MATE) attacks occur in distributed
applications where an adversary has physical access to an untrusted
client device and can obtain an advantage from inspecting, reverse
engineering, or tampering with the hardware itself or the software it
contains.
In this talk we give an overview of R-MATE scenarios and present a
system for protecting against attacks on untrusted clients. In our
system the trusted server overwhelms the client's analytical abilities
by continuously and automatically generating and pushing to him
diverse variants of the client code. The diversity subsystem employs a
set of primitive code transformations that provide temporal, spatial,
and semantic diversity in order to generate an ever-changing attack
target for the adversary, making tampering difficult without this
being detected by the server.