Date |
Lectures Topics |
Speakers & Notes |
Reading |
Tue 4/2 | Class Overview, Intro to Static Analysis I | Yan, Vaibhav |
|
Wed 4/3 | Introduction to Static Analysis II |
Vaibhav | Materirals by Prof. Ryder from VT http://people.cs.vt.edu/ryder/ACACES07/ACACES1-2up.pdf http://people.cs.vt.edu/ryder/ACACES07/ACACES2-2up.pdf |
Mon 4/8 | SA1: Browser Extension Vulnerabilities |
[VEX.pptx] Xiang |
Bandhakavi, Sruthi, et al. "VEX:
Vetting browser extensions for security
vulnerabilities." Usenix Security. 2010. [video
of the authors' talk] |
Wed 4/10 | SA2: Web App Vulnerabilities |
|
Tripp, Omer, et al. "TAJ:
effective taint analysis of web applications." ACM Sigplan Notices. Vol. 44. No. 6. ACM, 2009. [Ref]Jovanovic, Nenad, Christopher Kruegel, and Engin Kirda. "Pixy: A static analysis tool for detecting web application vulnerabilities." IEEE Symposium on Security and Privacy, 2006. |
Mon 4/15 |
SA3:
Privacy leakage detection on smartphones |
[smartphone_leakDetection] |
Egele, Manuel, et al. "PiOS:
Detecting privacy leaks in iOS applications." Proceedings of the Network and
Distributed System Security Symposium. 2011. |
Wed 4/17 |
SA4: Android system/app
vulnerabilities |
[Android_vulDetection] Chao,Jacob |
Lu, Long, et al. "CHEX:
statically vetting Android apps for component
hijacking vulnerabilities." Proceedings of the ACM conference on
Computer and communications security. 2012. [Ref] Grace, Michael, et al. "Systematic detection of capability leaks in stock Android smartphones." Proceedings of the Symposium on Network and Distributed System Security. 2012. |
Mon 4/22 |
Intro to Dynamic Analysis |
[dynamic_analysis] Vaibhav No paper summary needed |
Schwartz, Edward J., Thanassis
Avgerinos, and David Brumley. "All
you ever wanted to know about dynamic taint analysis
and forward symbolic execution (but might have been
afraid to ask)." IEEE Symposium on Security and
Privacy, 2010.
|
Wed 4/24 |
DA1: Automatic testing (symbolic
execution) |
Cadar, Cristian, Daniel Dunbar, and
Dawson Engler. "KLEE:
Unassisted and automatic generation of high-coverage
tests for complex systems programs." Proceedings of the USENIX conference on
Operating systems design and implementation (OSDI). 2008.
|
|
Mon |
DA2: Privacy leakage |
[TaintDroid_XSS_detection] Zhengyang, Peng |
Enck, William, et al. "TaintDroid:
an information-flow tracking system for realtime
privacy monitoring on smartphones." Proceedings of the USENIX conference on
Operating systems design and implementation. 2010. [Ref] Vogt, Philipp, et al. "Cross-site scripting prevention with dynamic data tainting and static analysis." Proceeding of the Network and Distributed System Security Symposium (NDSS). Vol. 42. 2007. |
Wed 5/1 |
DA3: Malware Analysis |
Chao,Zhengyang Yan (short presentation on DroidChamelon) |
Yin, Heng, et al. Panorama:
capturing system-wide information flow for malware
detection and analysis, Proceedings of the ACM conference on
Computer and communications security. 2007.
|
Fri 5/3 |
Midterm project presentation
(Mon 5/6 class moved here) |
||
Wed 5/8 |
Guest Lecture on Contracts |
Prof. Robby Findler No paper summary needed |
|
Mon 5/13 |
DA4 Guest Lecture |
Prof. Venkat of UIC |
|
Wed 5/15 |
DA5: Automatic exploit and
signature generation |
[autoSigGen&Mayhem] Andrew, Peng |
Cha, Sang Kil, et al. "Unleashing
mayhem on binary code." Security and Privacy (SP), 2012 IEEE
Symposium on. IEEE, 2012. [Ref] Towards Automatic Generation of Vulnerability-Based Signatures, by David Brumley, et al, in the Proceedings of the 2006 IEEE Symposium on Security and Privacy. |
Mon 5/20 |
Miscellaneous Language-based
approaches |
Vaibhav |
Liu, Jed, et al. "Fabric:
A platform for secure distributed computation and
storage." Proceedings of the ACM SIGOPS 22nd
symposium on Operating systems principles. ACM,
2009. Original talk slides and video are here. [Ref] Myers, Andrew C., and Barbara Liskov. "Complete, safe information flow with decentralized labels.", Proceedings of IEEE Symposium on Security and Privacy, 1998. |
Wed 5/22 |
M2: Aspect Oriented Programming |
[Conscript] Maciek, Josiah |
Meyerovich, Leo A., and Benjamin Livshits.
"Conscript:
Specifying and enforcing fine-grained security
policies for javascript in the browser." , IEEE Symposium on Security and
Privacy (SP), 2010. |
Mon 5/27 |
No class due to Memorial Day. |
||
Wed 5/29 |
M3: Proof-carry Code |
Max, Jacob | George Necula and Peter Lee, Safe Kernel Extensions Without Run-Time Checking (First paper on proof-carrying code), Proceedings of the OSDI 1996 (best paper award). A good introduction slides for PCC is here. More in-depth slides are here. |
Fri 5/31 |
Notes: You may
find the brochure useful: Efficient
reading of papers in Science and Technology by Michael
J. Hanson, 1990, revised 2000 Dylan McNamee.