FEAST 24 Call for Papers

The 6th Workshop on FEAST is a reinvigoration of the series, with the original five events taking place from 2016-2020. FEAST is concerned with all aspects of achieving effective, robust, and appraisable late-stage transformation of software for security. Late-stage transformation and customizations allow third parties besides the original developer to deeply tailor existing software to their mission, with little or no access to source code and other development artifacts besides the executables.

Typical software engineering methodologies are largely driven by the need to maximize programmer productivity. A combination of expensive developers and cheap complexity has yielded a stubborn reality where a course-grained and opportunistic approach to code reuse meets a myriad of abstraction layers that defies analysis and undermines security. Many highly damaging critical software vulnerabilities, e.g., Log4Shell or ForcedEntry, were originally delivered as features in diversely used software components designed to satisfy the widest possible set of consumers. Consumers of these components require a vibrant ecosystem of tools and techniques that enables them to tailor to their individual needs.

Recent work has led to successful innovations toward these aims, with improvements to the analysis and customization of binary code, bytecode representations of interpreted languages, container environments, and OS kernels. Customizations include (but are not limited to): program specialization (debloating), reduction of indirection (delayering), control flow and data flow simplification (complexity reduction), and techniques for establishing higher assurance of customized code (e.g., formal methods). These efforts have enabled a powerful means to reduce the cyber security attack surface.

Despite this ongoing progress within the research community, software executable transformation is not a solved science. Some critical problems of reverse engineering and binary analysis are provably undecidable in the general case and we lack guarantees about the effectiveness and correctness of transformation efforts. Existing measurement and assessment techniques fail to capture the true value of the positive impact to mission availability. Further advances in these areas will benefit the community by maturing the ecosystem of technologies, to determine how best to transparently deploy them, and to study how to more properly appraise their impacts operationally so as to influence and inform system designers and security decision makers.

Scope

The FEAST workshop will include topics geared toward:

• Understanding issues of software executable transformation for various programming languages and environments, and the potential methods for alleviating those issues
• Designing holistically more effective transforms that tolerate incomplete and imprecise specifications, and identify layers and components that are suitable for (and can benefit from) software customization
• Developing techniques for reasoning about the correctness and robustness of transformed software, enhancing differential testing, and predicting transform quality or other constraints
• Investigating novel means of appraising the improvements made to the various goals the user had in conducting the transform, and new metrics to reason about security impacts

Contact Program Committee Chairs

Submission Instructions

We invite Full Papers and Talk Proposals on any topic within scope. Talk Proposals do not have to be as formal as a typical paper. The proposal should adequately describe the points to be made in the talk such that the PC can make a determination on acceptance.

The objective of FEAST organizers is to provide a lively and thought-provoking technical program that helps drive in-person discussion at the workshop. Talks that further discussion could include: presentation of early research results, position talks, outlining of challenges / opportunities, lessons learned from deployment experience, or Systematization of Knowledge (SoK) papers.

Submissions can be up to 6 pages in length including references with a minimum 10 point font size. Authors should submit their papers at the link below, selecting the "paper" tag for a Full Paper and the "talk" tag for a Talk Proposal. Talk Proposals will not be submitted to the official ACM proceedings.

SUBMIT TO FEAST '24 - Closed (deadline passed)

Important dates

• July 17, 2024 July 24, 2024 (12AM UTC)

  Submission Deadline for Full Papers

• August 5, 2024

  Acceptance Notifications for Full Papers

• July 17, 2024 August 27, 2024 (12AM UTC)

  Submission Deadline for Talk Proposals

• August 30, 2024

  Camera Ready Submissions Due (Full Papers only)

  Acceptance Notifications for Talk Proposals

• October 18, 2024

  FEAST Workshop Technical Program