Stopping 0-Days with Formal Languages
pdf
Abstract: The Internet insecurity epidemic is a consequence of ad hoc programming of input handling at all layers of network stacks, and in other kinds of software stacks. The only path to trustworthy software that takes untrusted inputs is treating all valid or expected inputs as a formal language, and the respective input-handling routines as a recognizer for that language.
Submitted by Sean Smith
on
pdf
Abstract: The Internet insecurity epidemic is a consequence of ad hoc programming of input handling at all layers of network stacks, and in other kinds of software stacks. The only path to trustworthy software that takes untrusted inputs is treating all valid or expected inputs as a formal language, and the respective input-handling routines as a recognizer for that language.
Submitted by Sean Smith
on