Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
  Technical Updates @ TACKtech Corp.  

06.21.2012 - Microsoft Reveals Worldwide Finalists of Inaugural BlueHat Prize

View Microsoft-Press related news.

REDMOND, Wash. June 2 1 , 201 2 Microsoft Corp.’s Trustworthy Computing Group today announced the top three finalists of its BlueHat Prize, a competition that awards researchers more than $250,000 in cash and prizes for developing new, innovative computer security protection technologies. Microsoft will announce the grand prize winner at its Researcher Appreciation Party on July 26, 2012, following the Black Hat briefings in Las Vegas.

In an effort to mitigate entire classes of vulnerabilities, Microsoft presented this challenge to the industry last August, spurring some of the brightest security minds across the globe. Microsoft was happy to see participation from across the research community and academia. After in-depth evaluation of the entries, Microsoft selected three finalists who each developed unique solutions that hinder attacks that leverage Return Oriented Programming (ROP). ROP is an advanced technique that attackers use to combine short pieces of benign code, already present in a system, for a malicious purpose.

The following, in alphabetical order, are the three finalists:

  • Jared DeMott. DeMott is a researcher well-known for teaching a course titled “Application Security: For Hackers and Developers” at security conferences. DeMott submitted a BlueHat Prize entry called /ROP that checks to ensure that target addresses of return instructions, which ROP exploits use, are safe.

  • Ivan Fratric. Fratric earned a Ph.D. in computer science and is a researcher at the University of Zagreb in Zagreb, Croatia. Fratric’s entry, named ROPGuard, defines a set of checks that can be used to detect when certain functions are being called in the context of malicious ROP code.

  • Vasilis Pappas. Pappas is a Ph.D. student at Columbia University in the City of New York who actively researches information security. Pappas’ submission, called kBouncer, is a ROP mitigation technique that detects abnormal control transfers using common hardware features.

“Microsoft applauds these researchers who met the challenge and developed defensive solutions that go above and beyond conventional security practices focused on discovering individual issues,” said Mike Reavey, senior director, Microsoft Security Response Center. “We can’t wait to see how this initiative will inspire others to explore defensive technology research in order to potentially mitigate entire classes of vulnerabilities.”

Microsoft will reveal more information on the entries at the company’s Researcher Appreciation Party. The company will award one finalist $200,000 for the grand prize, while the first runner-up will win $50,000 and the second runner-up will win an MSDN Universal subscription valued at $10,000.

“Historically, the security industry has focused on rewarding researchers for identifying and reporting individual vulnerabilities,” said Brad Arkin, senior director, security, Adobe products and services. “The BlueHat Prize represents a new and exciting approach that motivates researchers to come up with solutions that will help mitigate entire classes of attacks against customers.”

The official BlueHat Prize competition rules and guidelines are available at Microsoft accepted 20 contest entries from Aug. 3, 2011, until April 1, 2012, with the final entry being received just eight minutes before the deadline. After all the entries were submitted, a panel of Microsoft security engineers judged the submissions based on the following criteria: practicality and functionality (30 percent); robustness — how easy it would be to bypass the proposed solution (30 percent); and impact (40 percent).

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Note to editors: For more information, news and perspectives from Microsoft, please visit the Microsoft News Center at Web links, telephone numbers and titles were correct at time of publication, but may have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at

- View Press Release
- Visit Microsoft Corporation

NID: 42424 / Submitted by: The Zilla of Zuron
Categories: Press Release, Microsoft
Most recent Microsoft-Press related news.
Scottish Gaelic language support now available for Microsoft Office
Windows 10: The next chapter
The next phase of Windows : Windows 10  
Project based learning for schools comes to life with new BBC Earth natural history film, Enchanted Kingdom
Teachers: how ready are you for the computing revolution?
View archive of Microsoft-Press related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates