Basser Seminar Series
On Security Issues in the Java Serialisation API
Speaker: Associate Professor Jens Dietrich
When: Wednesday 8 February, 2017, 4:00-5:00pm
Where: The University of Sydney, School of IT Building, SIT Lecture Theatre (Room 123), Level 1
Recently, several new vulnerabilities have been discovered that take advantage of weaknesses in the serialisation APIs of Java and other languages. We analyse these vulnerabilities and discuss strategies for preventing them. Our focus is on vulnerabilities that exploit the combinatorial explosion in the size of the calling context tree.
Jens has an MSc in Mathematics and a PhD in Computer Science from the University of Leipzig. After completing his PhD, he worked in industry for 7 years and returned to academia in 2003 when he joined Massey University in New Zealand. He is Associate Professor at Massey and major leader of the Software Engineering degree. His research interests are in the area of software modularisation and static analysis.