Software Security

Credits: Many slides are inspired or taken from other excellent courses in software security, including 18732, Fall 2008, Dan Boneh's CS-155 and CS-142 courses, and Giovanni Vigna's courses.

Schedule subject to change. Please check back regularly. Last updated Nov 4, 2009.
Date	Topic	Readings	Notes
Mon 09/07	None	Labor Day
Wed 09/09	Introduction and Overview slides
Mon 09/14	Introduction to Assembly slides
Wed 09/16	Traditional C Vulnerabilities slides in-class assignment	Smashing the Stack for Fun and Profit, by Aleph One Exploiting Format String Vulnerabilities, by team teso Basic Integer Overflows, by Blexim	In-class assignment Homework 1 Out
Mon 09/21	Mitigating C Vulnerabilities Scribe: Group 3 slides scribe	ASLR ASLR Smack & Laugh Reference
Wed 09/23	Mitigating C Vulnerabilities & Project Ideas Guest Lecture Slides Project Ideas (CMU ONLY)	A Practical Dynamic Buffer Overflow Detector, by Ruwase et al. Buffer Overflow Protection, on Wikipedia.	Homework 1 Due Meetings with groups
Mon 09/28	Small Formal Language Scribe: Group 1 & 2 Slides My Notes Scribe
Wed 09/30	Taint Analysis Scribe: Group 4 My Notes	DART: Directed Automated Random Testing, by Godefroid et al. KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs, by Cadar et al. (Best Paper OSDI 2008)	Homework 2 out
Mon 10/05	Forward Symbolic Execution Scribe: Group 5		Homework 2 Due Friday 10/9
Wed 10/07	Web Security: Intro Notes	XSS Video Tutorial 1 XSS Video Tutorial 2 Document Structure Integrity: A Robust Basis for Cross-site Scripting Defense, by Nadji et al.
Mon 10/12	Web Security: XSS and Taint Analysis Slides	Advanced SQL Injection in SQL Server Applications, by Anley Automatic Generation of XSS and SQL Injection Attacks with Goal-Directed Model Checking, by Martin et al.	Project Proposals Due
Wed 10/14	Web Security Injection and Wrapup Prof. Jackson's Slides Notes	The Security Architecture of the Chromium Browser, by Barth et al.
Mon 10/19	Review		Mid-semester grades out.
Wed 10/21	Midterm		Hands-on Midterm Out
Mon 10/26	Group Presentations		Hands-on Midterm Due
Wed 10/28	Signatures and Weakest Preconditions	Bouncer: Securing Software by Blocking Bad Input, by Costa et al. Creating Vulnerability Signatures Using Weakest Preconditions, by Brumley et al.
Mon 11/02	Usability & Security Guest Lecturer: Prof. Cranor
Wed 11/04	Signatures Part 2 Scribe: Group 6	Recommended: The Base-Rate Fallacy and its Implications for the Difficulty of Intrusion Detection, by Axelsson	Proposal related work section due.
Mon 11/09	No Class
Wed 11/11	Proof Carrying Code Scribe: Group 8	Safe Kernel Extensions Without Run-Time Checking, by Necula and Lee Proof-Carrying Code, by Necula (optional)
Mon 11/16	Verification & SFI	Efficient Software-Based Fault Isolation, by Wahbe et al. Model Checking 1 Millions Lines of C Code by Chen et al.	Proposal design & architecture section due
Wed 11/18	Verification, Type Safety Scribe: Group 7	CCured: Type Safe Retrofitting of Legacy Code
Mon 11/23	Slack
Wed 11/25	None	Thanksgiving Break
Mon 11/30	Side Channels	Remote Timing Attacks are Practical Timing Analysis of Keystrokes and Timing Attacks on SSH
Wed 12/02	1st day of final project presentations		Written proposal due.