Schedule (Tentative)

SS3: Software Security: Principles, Policies, and Protection, by Mathias Payer

Note: Readings marked with “(*)” are usually more advanced and are optional for those who are curious to explore the topic further.

Week Date Topic Readings Slides
1 8/25 Intro & Security Principles SS3P Chap. 1, 2.3, 2.7–2.8
Information Protection Abstract, Sec. I.A
(*) Reflections on Trusting Trust
2 9/1 No class. Labor Day
3 9/8 Memory & Buffer Overflows Memory Layout of C Programs
Program in Memory
SS3P Chap. 4.1, 4.2.1
Smashing the Stack for Fun and Profit
(*) Lifetime of Hello World
4 9/15 Code-reuse Attacks ret2libc
Getting around non-executable stack
Innocent Flesh on the Bone Sec. 1–3
5 9/22 Integer Overflows & Heap Exploitations Nozzle Sec.1–2
Heap Taichi Sec.1–3
6 9/29 Temporal Memory Safety & Format String Vulnerabilities SS3P Chap. 4.2.2
SeMalloc Sec. 2.1
TESO's Format String Paper Sec. 1–3
7 10/6 Course Review & Address Space Layout Randomization SS3P Chap. 6.4.2
ASLR
(*) ASLR Evaluation 2004
(*) ASLR Evaluation 2024
8 10/13 Control-flow Integrity SS3P Chap. 6.4.3, 6.4.6
Shining Light on Shadow Stacks Sec. 1–3
CFI Sec. 1, Sec.3
9 10/20 Testing and Fuzzing SS3P Chap. 6 intro, 6.3.1, 6.3.3
10 10/27 Memory Isolation SS3P Chap. 6.4.8
SFI Sec.1–3
Page table entries
libmpk Sec. 2
(*) Hodor
(*) Silhouette
11 11/3 Least Privilege Principle & Compartmentalization AutoPriv Sec. 1–2
SoK: Software Compartmentalization TBD
12 11/10 Address Sanitizing & Pointer-based Memory Safety SS3P 6.3.2
ASan Section 1–3
SoftBoundCETS Sec. 1–2
13 11/17 Type Safety & Safe Programming Languages SS3P Sec. 4.3
HexType Sec. 1–2
Checked C Sec. 1, Sec. 3
14 11/24 No class. Thanksgiving
15 12/1 Course Review & Students-led Paper Discussion
16 12/8 Students-led Paper Discussion