M 9-Jan |
Introduction (slides) |
|
|
W 11-Jan |
How to read a paper
|
|
|
M 16-Jan |
No class, MLK Jr. Day |
|
|
W 18-Jan |
Discussion: end-to-end systems abstraction
Photos of whiteboard courtesy of Hunter:
[1]
[2]
|
Write up on system abstraction due. |
No required readings. |
M 23-Jan |
Foundations: Binaries, Viruses, malware analysis
(Slides) |
|
|
W 25-Jan |
Moving Target Defense (SoK Automated Software Diversity) |
|
- Required reading:
SoK: Automated Software
Diversity.
Per Larsen, Andrei Homescu, Stefan Brunthaler, and Michael
Franz.
Oakland 2014.
- Optional reading(s):
Survey of Cyber Moving
Targets, Second Edition.
BC Ward, SR Gomez, RW Skowyra, D Bigelow, JN Martin, JW Landry,
and H Okhravi.
(MIT Lincoln Laboratory Technical Report)
|
M 30-Jan |
Virtual Machines |
|
|
W 1-Feb |
Project Pitches and
Discussion |
Submit your 500-word writeup via the submission
system. See here. |
No required readings. |
M 6-Feb |
Evasive malware and CPU Features |
|
|
W 8-Feb |
ARM CPU Features |
HW1 due
at 11:59PM Central |
|
M 13-Feb |
Architectural sidechannels, Hardware Security |
|
(Please read both papers, but only submit a review for Spectre.)
- Required readings
Spectre: Exploiting
Speculative Execution.
Paul Kocher, Jann Horn, Anders Fogh, Daniel
Genkin, Daniel Gruss, Werner Haas, Mike Hamburg,
Moritz Lipp, Stefan Mangard, Thomas Prescher,
Michael Schwarz, and Yuval Yarom.
Oakland 2019.
Flipping Bits in
Memory Without Accessing Them:
An Experimental Study of DRAM Disturbance Errors.
Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji Hye
Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, and Onur
Mutlu.
International Symposium on Computer Architecture (ISCA)
2014.
- Optional reading(s):
Meltdown: Reading Kernel
Memory from User Space.
Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher,
Werner Haas, Anders Fogh, Jann Horn, Stefan
Mangard, Paul
Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg.
Usenix Security 2018.
Rowhammer
slides (visual explanations may help understanding if
you are unfamiliar with hardware).
RowHammer:
A Retrospective.
Onur Mutlu and Jeremie S. Kim.
IEEE Transactions on Computer-Aided Design of Integrated
Circuits and Systems, 2020.
|
W 15-Feb |
Static Analysis, Dynamic Analysis, LLVM |
|
No reviews required, but you must read the following:
|
M 20-Feb |
Kernel rootkits
|
|
|
W 22-Feb |
Nation State Attacks, APTs, EDRs |
|
|
M 27-Feb |
Machine Learning and Security |
|
|
W 1-Mar |
GPU Security |
|
- Required reading:
StrongBox: a GPU TEE on ARM Endpoints.
Yunjie Deng, Chenxu Wang, Shunchang Yu, Shiqing Liu, Zhenyu Ning, Kevin Leach, Jin Li, Shoumeng Yan, Zhengyu He, Jiannong Cao, Fengwei Zhang.
ACMCCS 2022.
|
M 6-Mar |
Project Proposal Presentations (day 1) |
Submit your presentation slides and writeup: see here.
|
|
W 8-Mar |
Project Proposal Presentations (day 2) |
|
|
M 13-Mar |
No class, Spring break |
|
|
W 15-Mar |
No class, Spring break |
|
|
M 20-Mar |
Ethics (of research and security) |
|
|
W 22-Mar |
Foundations: human studies |
|
- Required reading:
Neurological Divide: an fMRI Study of Prose and Code Writing. By Ryan Kruger, Yu Huang, Xinyu Liu, Tyler Santander, Westley Weimer, and Kevin Leach. In ICSE 2020.
- Optional reading:
Distilling Neural Representations of Data Structure Manipulation using fMRI and fNIRS. By Yu Huang, Xinyu Liu, Ryan Krueger, Tyler Santander, Xiaosu Hun, Kevin Leach, and Westley Weimer. In ICSE 2019 (ACM Distinguished Paper Award).
|
M 27-Mar |
Project Checkin, HW3, Fuzzing |
HW2 due at 11:59PM Central
|
No review required, but please read the Homework 3 Specification. |
W 29-Apr |
Autonomous vehicles |
|
- Required reading:
START: A Framework for Trusted and Resilient Autonomous Vehicles.
Kevin Leach, Christopher Timperley, Kevin Angdtadt, Anh Nguyen-Tuong, Jason Hiser,
Aaron Paulos, Partha Pal, Patrick Hurley, Carl Thomas, Jack W. Davidson, Stephanie Forrest, Claire Le Goues, Westley Weimer.
In ISSRE 2022.
- Optional reading(s):
Selective Symbolic Type-Guided Checkpointing and Restoration for Autonomous Vehicle Repair. By Yu Huang, Kevin Angstadt, Kevin Leach, and Westley Weimer. In APR 2020.
A Comprehensive Study of Autonomous Vehicle Bugs. By Joshua Garcia, Yang Feng, Junjie Shen, Sumaya Almanee, Yuan Xia, and Qi Alfred Chen. In ICSE 2020.
|
M 3-Apr |
Network Security |
|
- Required reading:
A Longitudinal, End-to-End View of the DNSSEC Ecosystem. By Taejoon Chung, Roland van Rijswijk-Deij, Balakrishnan Chandrasekaran, David Choffnes, Dave Levin, Bruce M. Magggs, Alan Mislove, and Christo Wilson. In USENIX 2017.
- Optional reading:
Global Measurement of DNS Manipulation. By Paul Pearce, Ben Jones, Frank Li, Roya Ensafi, Nick Feamster, Nick Weaver, and Vern Paxson. In USENIX 2017.
|
W 5-Apr |
TOR |
|
|
M 10-Apr |
Botnets |
HW3 due at 11:59PM Central
|
- Required reading:
Understanding the Mirai Botnet. By Manos Antonakakis, Tim April, Michael Bailey, Matthew Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou. In USENIX 2017.
|
W 12-Apr |
Cryptocurrency |
|
|
M 17-Apr |
Guest Lecture by Dr. Chad
Spensky, CEO and founder of Allthenticate |
|
|
W 19-Apr |
Final Project Presentations (day 1) |
Submit your presentation slides and writeup: see here. |
|
M 24-Apr |
Final Project Presentations (day 2) |
|
|