Presented at
BSidesLV 2023,
Aug. 9, 2023, 5:55 p.m.
(Unknown duration)
Regular expressions are everywhere in information security, but are often seen as opaque, academic, and boring. Regular expressions are anything but boring! This talk starts by explaining what regular expressions are (from a theoretical perspective) and why they're such a good fit for Infosec. The talk then proceeds to explain how common implementations aren't designed for Infosec use, sometimes even to the point of creating security risks. A brief survey of desired features is then given, and finally a technical dive (including code and benchmarks) is presented on how an ideal regular expression engine for Infosec might be implemented.
While this talk has some math, it is designed to be accessible to anyone with a background in Infosec, including newcomers to the field.
Presenters:
-
Rob King
Rob has over two decades of experience in information security, wearing all manner of hats. He served as the technical lead for TippingPoint DVLabs, the chief architect of InQuest, and wrote security event correlation engines for DARPA at KoreLogic. Most recently, he works as a Principal Researcher at runZero. He has a deep and abiding love of compilers, and a fascination with signature and fingerprint languages.
Links:
Similar Presentations: