|Location:||1211 Computer Science Building, Oct. 11 onward|
|Office Hours:||Tu 2-3:30pm|
|8/30||Overview of software security|
|9/1||Two approaches to software security
Fuzz Revisited: A Re-examination of the Reliability of UNIX Utilities and Services, Miller, et al.
Improving Security Using Extensible Lightweight Static Analysis, Evans, Larochelle.
|9/6||Data-flow analyses: type qualifier inference
Detecting Format String Vulnerabilities With Type Qualifiers, Shankar, Talwar, Foster, Wagner.
|9/8||Data-flow analyses: type qualifier inference
Finding User/Kernel Pointer Bugs With Type Inference, Johnson, Wagner.
Data-flow analyses: points-to analysis
Finding Security Vulnerabilities in Java Applications with Static Analysis, Livshits, Lam.
|9/13||No reading assignment. Turn in reviews for any of the papers so far.|
|9/15||Control-flow analyses: model checking
MOPS: an infrastructure for examining security properties of software, Chen, Wagner.
|9/20||Control-flow analyses: model checking
Model checking one million lines of C code, Chen, Dean, Wagner.
|9/22||No reading assignment. Turn in reviews for any of the papers so far.|
|9/27||Control+data-flow: model checking with data|
Automatically Validating Temporal Safety Properties of Interfaces, Ball, Rajamani.
|9/29||No reading assignment. Turn in reviews for any of the papers so far.|
|10/4||No class - Rosh Hashanah|
|10/6||Control+data-flow: model checking with lazy
Lazy Abstraction, Henzinger, Jhala, Majumdar, Sutre.
|10/11||No reading assignment. Turn in reviews for any of the papers so far.|
|10/13||No reading assignment. Turn in reviews for any of the papers so far.|
|10/18||No reading assignment. Turn in reviews for any of the papers so far.|
Checking System Rules Using System-Specific, Programmer-Written Compiler Extensions, Engler, Chelf, Chou, Hallem.
|10/25||Automated specification generation
Bugs as Deviant Behavior: A General Approach to Inferring Errors in Systems Code, Engler, Chen, Hallem, Chou, Chelf.
A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities, Wagner, Foster, Brewer, Aiken.
|11/1||Buffer overflows (due to the short notice, this paper is optional, but highly recommended!)|
CCured: Type-Safe Retrofitting of Legacy Code, George Necula, Scott McPeak, Westley Weimer
StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks, Crispin Cowan, Calton Pu, Dave Maier, Jonathon Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, Qian Zhang.
PointGuard: Protecting Pointers from Buffer Overflow Vulnerabilities, Crispin Cowan, Steve Beattie, John Johansen, Perry Wagle.
|11/8||Control hijacking attacks: (optional reading)|
Control-Flow Integrity, Abadi, Budiu, Erlingsson, Ligatti.
Intrusion Detection via Static Analysis, Wagner, Dean.
Efficient Context-sensitive Intrusion Detection, Giffin, Jha, Miller.
|11/17||Architecting secure code: privilege separation|
Preventing Privilege Escalation, Provos, Friedl, Honeyman.
|11/22||Architecting secure code: automated privilege
Privtrans: Automatically Partitioning Programs for Privilege Separation, Brumley, Song.
|11/24||No class - Thanksgiving|
Tentative future reading assignments
Semantics-Aware Malware Detection, Christodorescu, Jha, Seshia, Song, Bryant.
|12/8||Student Interests: TBD|