Joint October C++ Meetup with Empire Hacking

On October 13th we are hosting a joint meetup with our friends at Empire Hacking (https://www.meetup.com/Empire-Hacking/). This will be held at WeWork Chelsea, rather than the usual location at the MongoDB offices.

Talk 1: The PointsTo Use-After-Free Detector

Abstract: PointsTo is an LLVM-based static analysis system that automatically finds use-after-free vulnerabilities in large codebases. It employs a context- and flow-sensitive pointer alias analysis to determine where pointers point. This talk will discuss the design of PointsTo and its implementation in LLVM.

Speaker Bio: Peter Goodman is a dynamic binary translator.

Talk 2: Protecting Virtual Function Calls in COTS C++ Binaries

Abstract: Virtual function calls in C++ are a popular target for control subversion attacks. Compilers utilize virtual tables (VTables) to accomplish virtual function calls. Given a C++ binary, vfGuard will (1) identify the virtual function callsites and (2) recover VTables in the program to provide a strict integrity policy. The policies constructed by vfGuard are sound and of significantly higher precision when compared to state-of-the-art binary-only control-flow integrity solutions.

Speaker Bio: Aravind Prakash earned a PhD from Syracuse University in May 2015 and is currently an assistant professor in the Dept. of CS at Binghamton University. His research focuses on program integrity models.

Beverages and light food will be provided. Space is limited, please RSVP. If you're interested in getting an office at a WeWork after visiting the event (which we recommend!), contact joinus@wework.com .