Call for Papers
  Accepted Papers
  Workshop Program
  Past Workshops

Software Security, Protection, and Reverse Engineering Workshop
Hilton Los Angeles/Universal City, Los Angeles, CA
December 5-6, 2016
Collocated with ACSAC 2016

Training Sessions

This year SSPREW is extending to a two-day workshop and we will be offering the following training sessions on the first day of the workshop.

Concolic Analysis

Presenter: Vivek Notani, University of Verona
Concolic analysis is a hybrid software verification technique that performs symbolic execution, a classical technique that treats program variables as symbolic variables, along a concrete execution (testing on particular inputs) path. Symbolic execution is used in conjunction with an automated theorem prover or constraint solver based on constraint logic programming to generate new concrete inputs (test cases) with the aim of maximizing code coverage. Symbolic and concolic execution find important applications in a number of security-related program analyses, including analysis of malicious code.

Side Channel Attacks and Fault Injection

Presenter: Jasper van Woudenberg, Riscure
Measuring power consumption and electromagnetic emanations to identify key leakage has become commonplace in security evaluations. Performing side channel analysis introduces new challenges for developers and evaluators every time. Knowing the kind of analysis you need to perform, post-processing steps to take and alignment options to choose is essential. In this training you get introduced to these concepts and the following topics are covered:
  • Side channels and their leakage characteristics
  • The workflow for performing side channel analysis testing
  • Inspection of a target using Simple Power Analysis (SPA)
  • Performing Differential- and Correlation Power Analysis on DES and AES (DPA/CPA)
  • Advanced attacks on countermeasures in RSA, DES, AES