Dans le cadre de notre séminaire « La Cybersécurité sur un plateau »
(Cybersecurity on a Plate), nous aurons deux interventions le mardi
19 septembre prochain. Le séminaire CoaP aura lieu à 10h dans le
bâtiment IMT/TP/TSP, en salle 3.A213.
Quentin Michaud - WebAssembly & Security
WebAssembly (Wasm for short) is a new format of low-level
bytecode coming from the Web. It allows to run code sandboxed by
default, on a stack-based light virtual machine. It is claiming
to bring a lot of dreams to reality : from being the successor of
today's containers (by being faster, lighter and more secure), to
proposing a single binary format which can be compiled from any
programming language and run on any target, without depending on
the OS or processor architecture. The promises of Wasm go even
beyond technology and address cybersecurity with strong claims
regarding the security and protection of Wasm
applications. However, articles and publications showing old a
new cybersecurity weaknesses inside Wasm may put these claims in
doubt. This presentation will give an overview of the Wasm
ecosystem, explain the inner workings of Wasm and evaluate the
likeliness of its promises as of today and in the future. The
promise of Wasm being the successor of containers will be
reviewed in more details, both at the container level and at the
container orchestrator (Kubernetes) level. The presentation will
then propose an assessment of the Wasm claims concerning
cybersecurity and take a deeper look at if Wasm can really
present itself as an improvement of today binaries' and
containers' security.
Bio : Quentin is a last year cybersecurity student at Télécom
SudParis and an intern at Thales European research lab ThereSIS, where
he is studying bleeding-edge innovations in the cloud ecosystem and
their potential uses for cybersecurity. He likes to improve his
cybersecurity skills by creating and doing CTFs regularly, and he is
consuming and contributing to several open-source projects.
Planches présentées
Frédéric Recoules - What's up in BINSEC? 2022-23 Edition
Software security analyses must often be performed at the executable
code level, either because the source code is not available (e.g.:
analysis of third-party components, malware or legacy code), or
because very low-level attacker models are being considered (hardware
or micro-architectural attacks), or because the code must be analyzed
after compilation in order to prevent potential compilation bugs or to
verify that protections have been properly implemented.
Unfortunately, these low-level security analyses are difficult to
establish and there are few specialists, hence the need to provide
them with the best possible tools via dedicated automated tools.
BINSEC is a formal binary code analysis platform developed at CEA,
with a particular focus on security analysis (vulnerabilities,
reverse) and the degree of guarantees provided. BINSEC offers
original symbolic reasoning engines and multi-architecture
support. Recent results have been obtained, for example, in automatic
analysis of cryptographic primitives (resistance to covert channel
attacks and micro-architectural attacks) or deobfuscation of advanced
malware. However, this kind of analysis still suffers from scaling and
usability problems.
In this talk, we aim to give an overview of the latest improvements of
BINSEC. These advances will be motivated and illustrated through the
resolution of various security cases, including recent examples of
challenges from the Cyber France Challenge 2022. In particular, we
will address problems such as the optimization of a symbolic reasoning
engine at the binary level or the symbolic management of
self-modifying code. We will also review recent efforts to make the
platform more usable (new architectures, simplified initialization,
etc.).
Bio : Frédéric Recoules graduated from INSA and Université
Toulouse Paul-Sabatier in 2016, then received a PhD in Computer
Science from Université Grenoble-Alpes in 2021. His area of expertises
spans formal methods, low-level programming, decompilation and reverse
engineering. He notably obtained an ICSE distinguished paper award
and a 2nd best GDR GPL PhD award (thematic: software engineering,
formal methods and programming languages) for his work on formal
verification of inline assembly code. He is currently Research
Engineer at CEA where he is the main developer and maintainer of the
binary-level program analysis platform BINSEC. His research addresses
scalability issues in symbolic analysis at binary level, vulnerability
analysis and reverse engineering for security.