LSE Summer Week - July 6 - July 7 2019

Introducing the LSE Week

Violating your package manager's privacy - Mathieu Nativel

Some package managers uses SSL apparently for privacy reasons, let's see if it's possible to guess the transactions made by the package managers without breaking the encryption ! Youtube

Secure lazy binding in x86_64 - Thibault Vivies

What's dynamic relocation. Overview ld.so, bind now / lazy binding. A solution for read only lazy binding, kbind syscall. Youtube

Arbitrary tree differencing for code copy detection - Nicolas Manichon

Code copy has always been a security problem, with open source projects checking in code from one another, applying modifications and not being able to backport security fixes in a timely manner. I present a project that can perform code copy detection on a large number of files. Youtube

pyvmidbg: a flexible hypervisor-level debugger - Mathieu Tarral

Virtual machine introspection is a concept where a host application can rebuild a VM's execution context, via the hardware state provided by hypervisor interfaces. This technology has been leveraged since a couple of years already to build powerful stealth sandboxes for malware analysis. But what about our debuggers ? In this talk, i will explain why debugging from the hypervisor is powerful and relevant in today's world, as well as showing my research on the topic, a Libvmi based GDB stub in Python, capable of debugging a remote process running on Windows XP, on top of Xen. Youtube

Arabic fine-grained dialect identification - Victor Guichard & Gaël de Francony

We present two approaches for Arabic Fine-Grained Dialect Identification. The first approach is based on Recurrent Neural Networks (BLSTM, BGRU) using hierarchical classification. The main idea is to separate the classification process for a sentence from a given text in two stages. We start with a higher level of classification (8 classes) and then the finer-grained classification (26 classes). The second approach is given by a voting system based on Naive Bayes and Random Forest. Our system achieves an F1-score of 63.02% on the subtask evaluation dataset. Youtube

Rump session

Apéro

Barbecue

Accelerate Boolean Constraint Propagation for Boolean Satisfiability Solvers with FPGA - Maxence Caron--Lasne

Boolean Satisfiability (or SAT) problem is the problem of finding if a set of Boolean values that satisfies a given Boolean formula exists. SAT, even if it is the first problem proven NP-complete, is used in fields like circuit design and automatic theorem proving. The algorithm used to solve SAT problems is arborescent but the most time consuming operation used in it, the Boolean Constraint Propagation (BCP), is a good target for hardware acceleration. Based on the work of John D. Davis, we will explore a BCP co-processor design for FPGA. We will also see some possible techniques to improve this design: Content Addressable Memory (CAM) and caching. Youtube

slab/vmem: introduction to memory management. - Pierre Cornet

This talk presents 2 complementary memory management designs used in kernel memory management: slab allocator and vmem allocator. The slab allocator is based on a cache allocation of objects that remain in constructed state between usages. This proves to be space-efficient and fast. The vmem allocator is a general-purpose resource allocator allowing for arbitrary-size allocation and better large object allocation. Youtube

Twenty years of OpenBSD - Marc Espie

Since it's the LSE 20th birthday, I thought of doing a quick overview of what I've done in OpenBSD over the past 20 years, one selected commit per year. Get ready for a walk through memory lane, back when everything was a.out and 32MB of memory was decent. Docs Slides Youtube

Reverse engineering through execution trace analysis - Gabriel Duque & Tanguy Dubroca

When participating in CTF competitions, one is often presented with crackme exercises consisting of virtual machines. In general, these virtual machines execute little bits of native code for each opcode their input is comprised of. We will see how execution trace capture, binary lifting and optimization can help us simplify the problem by eliminating the virtual machine. Slides Youtube

The return of pledge: rise of the patches - Guillaume Pagnoux

Last year, I presented my work on trying to implement pledge in a somewhat mergeable way. Since, it could not work the way I intended, let's try again, without caring about being merged someday. For more context, last year's talk can be found here: https://www.youtube.com/watch?v=uXgxMDglxVM Youtube