BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Securing Supply Chains with Compilers - Nicholas Boucher\, Univers
 ity of Cambridge
DTSTART:20231205T140000Z
DTEND:20231205T150000Z
UID:TALK208387@talks.cam.ac.uk
CONTACT:Hridoy Sankar Dutta
DESCRIPTION:In this talk we will present a new technique for identifying s
 oftware supply chain attacks. Supply chain attacks are particularly powerf
 ul due to their ability to affect many victims through the compromise of a
  single shared dependency. While supply chain attacks are not new\, they h
 ave received significant industry\, government\, and research attention fo
 llowing multiple high-profile attacks such as SolarWinds and Log4j. The te
 chniques we will present inject metadata into compiled binaries to track t
 he recursive set of dependencies used in its creation. This information is
  stored in a highly efficient probabilistic data structure to form the Aut
 omatic Bill of Materials\, or ABOM. In the talk\, we will describe the des
 ign of the ABOM and outline our vision for how it could be used to perform
  faster mitigation in future supply chain attacks.\n\nRECORDING : Please n
 ote\, this event will be recorded and will be available after the event fo
 r an indeterminate period under a CC BY -NC-ND license. Audience members s
 hould bear this in mind before joining the webinar or asking questions.
LOCATION:Webinar & LT2\, Computer Laboratory\, William Gates Building.
END:VEVENT
END:VCALENDAR