Abstract
This position paper discusses the need for modeling exploit computations and discusses possible formal approaches to it.
About the authors
Sergey Bratus is a Research Associate Professor of Computer Science at Dartmouth College. Sergey is a member of the LangSec.org project that seeks to eliminate large classes of bugs related to input handling, and worked with industrial control systems stakeholders to develop architectural protections for ICS/SCADA systems and protocols. He has a Ph.D. in Mathematics from Northeastern University.
Dartmouth College, Institute for Security, Technology, and Society, Hanover, NH 03755, United States of America
Anna Shubina is a post-doctoral research associate at the Dartmouth Institute for Security, Technology, and Society. Anna was the operator of Dartmouth's Tor exit node when the Tor network had about 30 nodes total. She currently manages the CRAWDAD.org repository of traces and data for all kinds of wireless and sensor network research.
Dartmouth College, Institute for Security, Technology, and Society, Hanover, NH 03755, United States of America
Acknowledgement
The authors gratefully acknowledge many helpful discussions with Felix `FX' Lindner, Julien Vanegue, and Thomas Dullien about the phenomenon of exploitation and its generalizations. The authors are also greatly indebted to Meredith L. Patterson and Len Sassaman who pioneered the language-theoretic and computation-theoretic view of security and exploitation.
©2017 Walter de Gruyter Berlin/Boston
