event archive

C4DT workshops

C4DT Workshop on Digital Identity

C4DT’s first workshop on the topic of Digital Identity will take place at the EPFL in Lausanne on Friday the 10th of May
The objective is to share insights in 4 application verticals, namely eHeath, IoT, e-Gov and Humanitarian, developing common understanding of digital ID, and to leverage opportunities for interaction and collaboration.


Please note that this workshop is a closed event and by invitation only.
More details will follow…
C4DT seminars

MinFuzz: Program simplification to drive fuzzing effectiveness

By Nicolas Badoux (EPFL)


Fuzzing, an effective form of dynamic software testing, relies on rapidly testing generated inputs to discover bugs in programs. In the last two years, fuzzing gained massive traction in the security community, driven by the discovery of large amounts of vulnerabilities. Fuzzing requires an effective input generation mechanism that quickly generates new interesting inputs and a fast execution engine that drives execution to potentially vulnerable program locations. Bloated code or complex data validation unnecessarily slow down the fuzzing process as these code sequences are executed frequently. Often these code sequences are already well tested and it is unlikely for the fuzzer to discover new vulnerabilities in them.

We present MinFuzz, our approach to discover and remove prunable code blocks to improve fuzzing effectiveness. First, we will discuss which computations are “skippable”. Our system targets particularly decompression, decryption, and checksum computations. By first locating and then pruning such code segments, we increase the number of executions per second by up to 50% and additionally achieve deeper coverage of the program in the same time.

27 March 2019, EPFL BC building, room BC420