Amphithéâtre 4, EPITA, 24 rue Pasteur, 94276 Le Kremlin-Bicêtre.
Transports en commun : métro 7 (station Porte d'Italie), bus 47/125/131/185/186 (station Roger Salengro-Fontainebleau).
Some package managers uses SSL apparently for privacy reasons, let's see if it's possible to guess the transactions made by the package managers without breaking the encryption ! Youtube
What's dynamic relocation. Overview ld.so, bind now / lazy binding. A solution for read only lazy binding, kbind syscall. Youtube
Code copy has always been a security problem, with open source projects checking in code from one another, applying modifications and not being able to backport security fixes in a timely manner. I present a project that can perform code copy detection on a large number of files. Youtube
Virtual machine introspection is a concept where a host application can rebuild a VM's execution context, via the hardware state provided by hypervisor interfaces. This technology has been leveraged since a couple of years already to build powerful stealth sandboxes for malware analysis. But what about our debuggers ? In this talk, i will explain why debugging from the hypervisor is powerful and relevant in today's world, as well as showing my research on the topic, a Libvmi based GDB stub in Python, capable of debugging a remote process running on Windows XP, on top of Xen. Youtube
We present two approaches for Arabic Fine-Grained Dialect Identification. The first approach is based on Recurrent Neural Networks (BLSTM, BGRU) using hierarchical classification. The main idea is to separate the classification process for a sentence from a given text in two stages. We start with a higher level of classification (8 classes) and then the finer-grained classification (26 classes). The second approach is given by a voting system based on Naive Bayes and Random Forest. Our system achieves an F1-score of 63.02% on the subtask evaluation dataset. Youtube
Boolean Satisfiability (or SAT) problem is the problem of finding if a set of Boolean values that satisfies a given Boolean formula exists. SAT, even if it is the first problem proven NP-complete, is used in fields like circuit design and automatic theorem proving. The algorithm used to solve SAT problems is arborescent but the most time consuming operation used in it, the Boolean Constraint Propagation (BCP), is a good target for hardware acceleration. Based on the work of John D. Davis, we will explore a BCP co-processor design for FPGA. We will also see some possible techniques to improve this design: Content Addressable Memory (CAM) and caching. Youtube
This talk presents 2 complementary memory management designs used in kernel memory management: slab allocator and vmem allocator. The slab allocator is based on a cache allocation of objects that remain in constructed state between usages. This proves to be space-efficient and fast. The vmem allocator is a general-purpose resource allocator allowing for arbitrary-size allocation and better large object allocation. Youtube
Since it's the LSE 20th birthday, I thought of doing a quick overview of what I've done in OpenBSD over the past 20 years, one selected commit per year. Get ready for a walk through memory lane, back when everything was a.out and 32MB of memory was decent. Docs Slides Youtube
When participating in CTF competitions, one is often presented with crackme exercises consisting of virtual machines. In general, these virtual machines execute little bits of native code for each opcode their input is comprised of. We will see how execution trace capture, binary lifting and optimization can help us simplify the problem by eliminating the virtual machine. Slides Youtube
Last year, I presented my work on trying to implement pledge in a somewhat mergeable way. Since, it could not work the way I intended, let's try again, without caring about being merged someday. For more context, last year's talk can be found here: https://www.youtube.com/watch?v=uXgxMDglxVM Youtube