all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

HODOR: Reducing Attack Surface on Node.js via System Call Limitation

Add to bookmarks
March 25, 2024, 5:03 p.m. | Black Hat

Black Hat www.youtube.com

....To address the above challenges, we will present HODOR, a lightweight system call level protection mechanism designed for Node.js applications. HODOR begins with cross-language and combined static-dynamic call graph analysis for both Node.js applications and the Node.js framework. This step involves proposing optimizations to enhance state-of-the-art call graph building methods, static-dynamic call graph analysis, and consideration of built-in methods for JavaScript code, along with partial context-sensitive mechanisms for C/C++ code. HODOR then generates system call whitelists tailored to different types …

address analysis applications art attack attack surface building call challenges dynamic framework graph language mechanism node node.js protection state system

Visit resource

More from www.youtube.com / Black Hat

Locknote: Conclusions and Key Takeaways from Day 2 2 weeks, 4 days ago | www.youtube.com
black hat black hat europe board board members +15
Locknote: Conclusions and Key Takeaways from Day 1 2 weeks, 4 days ago | www.youtube.com
black hat black hat europe board board members +16
Keynote: My Lessons from the Uber Case 2 weeks, 4 days ago | www.youtube.com
addition best practices case convicted +16
Keynote: Industrialising Cyber Defence in an Asymmetric World 2 weeks, 4 days ago | www.youtube.com
adversaries challenge cyber cyber defence +10
The Black Hat Europe Network Operations Center (NOC) Report 2 weeks, 4 days ago | www.youtube.com
back black hat black hat europe center +14
My Invisible Adversary: Burnout 3 weeks, 2 days ago | www.youtube.com
adversary attackers attacks burnout +11
The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 3 weeks, 2 days ago | www.youtube.com
analysis ask bad codeql +10
A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to … 3 weeks, 3 days ago | www.youtube.com
attacks call cloudflare detection +10
Collide+Power: The Evolution of Software-based Power Side-Channels Attacks 3 weeks, 3 days ago | www.youtube.com
addition attacks build collide+power +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Lead Technical Product Manager - Threat Protection

@ Mastercard | Remote - United Kingdom
View on infosec-jobs.com

Data Privacy Officer

@ Banco Popular | San Juan, PR
View on infosec-jobs.com

GRC Security Program Manager

@ Meta | Bellevue, WA | Menlo Park, CA | Washington, DC | New York City
View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Warrington, United Kingdom
View on infosec-jobs.com

Privacy Engineer, Technical Audit

@ Meta | Menlo Park, CA
View on infosec-jobs.com
View more jobs