Invited Talk: Overlooked Foundations: Exploits as Experiments and Constructive Proofs in the Science-of-Security

Sergey Bratus, Dartmouth College

Abstract: 

"The most important property of a program is whether it accomplishes the intentions of the user.” With these words, C.A.R. Hoare opened up his research programme, which we now recognize as a key part to the science of security—a still-nascent science, as Herley and Van Oorschot persuasively argued. Too many parts of that science are too well described by the Einstein quote about Mathematics, “As far as the laws of Mathematics refer to reality they are not certain, and as far as they are certain they do not refer to reality”—largely due to the difficulties of mathematically describing the user intentions and their deviations from reality.

Yet there is a part of security that is both precise and certain, and answers to the best standards of experimental and evidentiary approaches of established sciences. It is the part dealing with exploitation of computing systems.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@conference {205874,
title = {Invited Talk: Overlooked Foundations: Exploits as Experiments and Constructive Proofs in the {Science-of-Security}},
year = {2017},
address = {Vancouver, BC},
publisher = {USENIX Association},
month = aug
}