This is a research seminar course, with emphasis on executable program analysis and its applications to malware defense and software security. The course combines lectures, paper presentations, and a medium-scale project.
The instructor will give an overview of each topic, and students are expected to give paper presentations about 50 minutes long, interrupted and followed by lengthy discussions. Each student needs to pick two papers to present.
To ensure good class participation, students need to submit two paper reviews before class for the papers to be discussed in that class.
Each student needs to conduct an individual project. Students are expected to identify the project topic early in the semester. A mid-term project presentation is required to check progress.
10% Paper Review
10% Class Participation
40% Paper Presentation
40% Project
Availability by appointment. Frequent meetings and discussions are absolutely welcome. To request an appointment, just drop an email or knock at my door.
| Date | Topic | Note |
|---|---|---|
| 01/17 | Course Overview | |
| 01/24 | Software Vulnerabilities Dynamic Instrumentation Platforms | |
| 01/31 | Software Integrity Models | |
| 02/07 | No class | Conference Travel |
| 02/14 | Taint Analysis | |
| 02/21 | Symbolic Execution | |
| 02/28 | Type Inference Data Structures Reverse Engineering | |
| 03/06 | Program Slicing | |
| 03/13 | No Class | No class, Spring Break |
| 03/20 | Midterm Project Report | 15 min per student |
| 03/27 | Code Obfuscation & De-obfuscation | |
| 04/03 | Rootkits | |
| 04/10 | Virtualization | |
| 04/17 | Virtualization 2 | |
| 04/24 | | |
| 05/01 | Final Project Report | Aravind, Mu, Andrew H, Qian, Phil |
| 05/08 | Final Project Report (10:15am to 1:15pm) | Yousra, Andrew Z, Mubarek, Maurice, Eric |
Pin: building customized program analysis tools with dynamic instrumentation
Valgrind: A Framework for Heavyweight Dynamic Binary Instrumentation
QEMU, a Fast and Portable Dynamic Translator
Control-flow Integrity principles, implementations, and applications, presented by Mu
Efficient software-based fault isolation, presented by Mu
Evaluating SFI for a CISC architecture
Securing software by enforcing data-flow integrity
Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software, presented by Eric
Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis, presented by Yousra
Pointless Tainting? Evaluating the Practicality of Pointer Tainting
DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation
Exploring Multiple Execution Paths for Malware Analysis, presented by Phil
BitScope: Automatically Dissecting Malicious Binaries
KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs, presented by Mubarek
Automatic Reverse Engineering of Data Structures from Binary Execution, presented by Phil
Howard: a dynamic excavator for reverse engineering data structures, presented by Qian
TIE: Principled Reverse Engineering of Types in Binary Programs, presented by Qian
PointerScope: Identifying and Analyzing Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis, presented by Aravind
Differential Slicing: Identifying Causal Execution Differences for Security Applications, presented by Andrew Henderson
Binary Code Extraction and Interface Identification for Security Applications, presented by Mubarek
Renovo: A Hidden Code Extractor for Packed Executables, presented by Yousra
Deobfuscating Virtualized-Obfuscated Software: A Semantics-based Approach, presented by Maurice
HookFinder: Identifying and Understanding Malware Hooking Behaviors, presented by Richard
K-Tracer: A System for Extracting Kernel Malware Behavior, presented by Richard
A Virtual Machine Introspection Based Architecture for Intrusion Detection
Stealthy Malware Detection Through VMM-Based 'Out-of-the-Box' Semantic View Reconstruction
Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection, presented by Aravind
Ether: Malware Analysis via Hardware Virtualization Extensions, presented by Maurice
Secure In-VM Monitoring Using Hardware Virtualization, presented by Eric