Schedule subject to change. Check back often.
Date Subject Readings Notes
Jan 11 Course Overview Reflections on Trust Homework 1 out
Jan 13 Overview of Vulnerability and Exploit Research Checking System Rules Using System-Specific Programmer-Written Compiler Extensions slide
Jan 18 Overview of Defense Research The Base-Rate Fallacy and its Implications for the Difficulty of Intrusion Detection slide
Jan 20 Overview of Malware Research SplitScreen: Enabling Efficient, Distributed Malware Detection
HW 1 due.
Jan 25 Basic Buffer Overflows Smashing the Stack for Fun and Profit
Pauls blog post on what has changed since the paper was written
Jan 27 Format and Integer Overflows (Sang Kil Cha) Exploiting Format String Vulnerabilities
Basic Integer Vulnerabilities
Feb 1 Web Server-Side Vulnerabilities None slide
Feb 3 Web Client-Side Vulnerabilities Document Structure Integrity: A Robust Basis for Cross Site Scripting
Robust Defense for Cross-Site Request Forgery
HW 2 out
Feb 8 Guest Lecture (Ed Schwartz): ASLR and DEP ASLR Smack and Laugh Reference
On the Effectiveness of Address Space Randomization
Feb 10 Formal Methods A Symbiotic Relationship Between Formal Methods and Security
Enforceable Security Policies
Feb 15 Dynamic taint analysis and Symbolic Execution All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask) HW2 due
Feb 17 Student Presentations Please visit the web site to check papers assigned to you: here
Native Client: A Sandbox for Portable, Untrusted x86 Native Code (OAKLAND 2009)
- Presenter: Matthew Maurer
Accountable Virtual Machines (OSDI 2010)
- Presenter: Spencer Whitman
Project Proposals Due
Feb 22 Student Presentations Identifying Dormant Functionality in Malware Programs (Oakland 2010)
- Presenter: Swaminathan Ramesh
Efficient Detection of Split Personalities in Malware (NDSS 2010)
- Presenter: Ashwini Giridhar Rao
Feb 24 Student Presentations It's No Secret. Measuring the Security and Reliability of Authentication via "Secret" Questions (Oakland 2009)
- Presenter: Richard Shay
Side-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow (Oakland 2010)
- Presenter: Gananand Ganesh Kini
Mar 1 Student Presentations NetShield: Massive Semantics-based Vulnerability Signature Matching for High-speed Networks (SigComm 2010)
- Presenter: Thanassis Avgerinos
Secure Content Sniffing for Web Browsers, or How to Stop Papers from Reviewing Themselves (Oakland 2009)
- Presenter: Elli Fragkaki
Mar 3 Student Presentations Nemesis: Preventing Authentication & Access Control Vulnerabilities in Web Applications (USENIX 2009)
- Presenter: Yuan Liang
Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms (USENIX 2009)
- Presenter: Thomas Hobson
Project update 1 due
Mar 7 No Class - Spring Break
Mar 11 No Class - Spring Break
Mar 15 Vulnerability-based Signatures Theory and Techniques for Automatic Genereation of Vulnerability-Based Signatures
If you have problems, try this version from an on-campus computer.
Vigilante: End-to-end containment of Internet Worms
Mar 17 Student Presentations BLADE: An Attack-Agnostic Approach for Preventing Drive-By Malware Infections (CCS 2010)
- Presenter: Paul Makowski
Idle Port Scanning and Non-interference Analysis of Network Protocol Stacks Using Model Checking (USENIX 2010)
- Presenter: Spencer Whitman
Happy St. Patricks Day.
Mar 22 Student Presentations Toward Automated Detection of Logic Vulnerabilities (USENIX 2010)
- Presenter: Swaminathan Ramesh
HW3 out
Mar 24 Student Presentations DieHarder: Securing the Heap (CCS 2010)
- Presenter: Paul Makowski
State of the Art: Automated Black-Box Web Application Vulnerability Testing (Oakland 2010)
- Presenter: Gananand Ganesh Kini
Mar 29 Project Presentations HW3 due
Mar 31 Student Presentations TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on SmartPhones (OSDI 2010)
- Presenter: Elli Fragkaki
CCured in the real world (PLDI 2003)
- Presenter: Matthew Maurer
Apr 5 Scalable Malware Clustering Scalable Behavior-Based Malware Clustering
Apr 7 Malware Hooking and BotNets Hookfinder: Identifying and Understanding Malware Hooking Behavior
BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation
Apr 12 Student Presentations Bugs as deviant behavior: a general approach to inferring errors in systems code (SOSP 2001)
- Presenter: Thanassis Avgerinos
Automatic Generation of Remediation Procedures for Malware Infections (USENIX 2010)
- Presenter: Thomas Hobson
Project Update Due
Apr 14 No Classes
Apr 19 Student Presentations Automatic Reverse Engineering of Data Structures from Binary Execution (NDSS 2010)
- Presenter: Ashwini Giridhar Rao
Adnostic: Privacy Preserving Targeted Advertising (NDSS 2010)
- Presenter: Richard Shay
Apr 21 Wrap Up
Apr 26 Side Channels Language Identification of Encrypted VOIP Traffic: Alejandra y Roberto or Alice and Bob?
Remote Timing Attacks are Practical
Apr 28 Paul and Gananand makeup talk
May 5 Final Presentation 1:00pm - 4:00pm