CODE Colloquium: Sereum - Protecting Existing Smart Contracts Against Re-Entrancy Attacks
Prof. Dr. Lucas Davi, Universität Duisburg-Essen
Abstract
Recently, a number of existing blockchain systems have witnessed major bugs and vulnerabilities within smart contracts. Although the literature features a number of proposals for securing smart contracts, these proposals mostly focus on proving the correctness or absence of a certain type of vulnerability within a contract, but cannot protect deployed (legacy) contracts from being exploited. In this talk, we present Sereum (Secure Ethereum) which protects deployed contracts in a backwards compatible way based on run-time monitoring and validation. We also study new re-entrancy attack patterns that have been overlooked by previous on smart contract bug detection.
Biographie
Lucas Davi is an assistant professor for secure software systems at University of Duisburg-Essen, Germany. He received his PhD from TU Darmstadt in computer science. His research focus includes aspects of system security, software security, and trusted computing, especially software exploitation techniques and defenses. He received best paper awards at DAC, ACM ASIACCS, and IEEE Security and Privacy. His PhD thesis on code-reuse attacks and defenses has been awarded the ACM SIGSAC Dissertation Award 2016.
Veranstaltungsort
Der Einlass erfolgt ab 17:30 Uhr über den Haupteingang des FI CODE
Carl-Wery-Straße 18., 81739 München
Im Anschluss an die Veranstaltung laden wir zu einem kleinen Get-Together.
Wir bitten um verbindliche Anmeldung bis 8.3.2019 an code@unibw.de.