Session

Hunt your Zero-Days via Taint Analysis

After all the progress in cyber protection mechanisms, we still hear news such as Twitter getting hacked and Facebook accidentally releasing users' accounts,
with passwords stored as plain text for millions of users! Google has closed its social network platform after data leaks and some security concerns.
It seems hackers manage to perform more successful and sophisticated attacks every year, mostly by exploiting unknown software vulnerabilities and using new techniques.
As a result, cybercriminals can successfully steal the valuable information of millions of people.

In this workshop, I will introduce dynamic taint analysis (DTA), a powerful technique that allows us to detect zero-day vulnerabilities in software binary files before they are identified and exploited by hackers!
DTA works by monitoring a program's execution at runtime. Precisely, in this technique, we taint sensitive data originating from external environments such as the network,
the file system, and external processes. Then we track these taints throughout the program execution, and finally, we try to prevent these taints from reaching untrusted channels in insecure ways.

Then, I will teach you how to use DTA in practice to identify various programming vulnerabilities (e.g., remote code injection, SQL injection, cross-site scripting,
insecure deserialization, etc.) in software binaries and source code, and how to enforce proper data flow policies to prevent sensitive information from being leaked to untrusted channels.
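
The source, propagation and sink steps described above, modelled at source level for the SQL injection case. This is an added example, not material from the workshop; the names Tainted, source_network, concat and sink_sql are hypothetical, and a real DTA engine tracks taint per instruction or per byte rather than per string object.

```python
class Tainted(str):
    """A string that remembers which untrusted sources it came from."""
    def __new__(cls, value, labels=()):
        obj = super().__new__(cls, value)
        obj.labels = frozenset(labels)
        return obj

class TaintViolation(Exception):
    pass

def labels_of(value):
    # Plain strings carry no labels.
    return getattr(value, "labels", frozenset())

def source_network(data):
    """Taint source: everything read from the network gets the 'network' label."""
    return Tainted(data, {"network"})

def concat(*parts):
    """Propagation: the result carries the union of its inputs' labels."""
    merged = frozenset().union(*(labels_of(p) for p in parts))
    text = "".join(parts)
    return Tainted(text, merged) if merged else text

def sink_sql(query, params=()):
    """Sink policy: query text must be untainted; bound parameters may be tainted."""
    if labels_of(query):
        raise TaintViolation(f"{sorted(labels_of(query))} data reached the SQL text")
    return (str(query), tuple(str(p) for p in params))

def run_demo():
    name = source_network("alice")  # constructed sample input
    outcome = {}
    try:
        # Tainted data flows into the query text itself: policy violation.
        sink_sql(concat("SELECT * FROM users WHERE name = '", name, "'"))
        outcome["concatenated"] = "allowed"
    except TaintViolation:
        outcome["concatenated"] = "blocked"
    # Same tainted value passed as a bound parameter: permitted flow.
    sink_sql("SELECT * FROM users WHERE name = ?", (name,))
    outcome["parameterized"] = "allowed"
    return outcome

if __name__ == "__main__":
    print(run_demo())
```

Only concat propagates labels in this model; built-in string methods such as upper() return a plain str and silently drop the taint, which is the under-tainting problem a full DTA engine avoids by instrumenting every operation.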

Mohammadreza Ashouri

Virginia Tech, Postdoc Researcher in Software Security

Berlin, Germany
