Schedule (Tentative)
SS3: Software Security: Principles, Policies, and Protection, by Mathias Payer
Note: Readings marked with “(*)” are usually more advanced and are optional for those who are curious to explore the topic further.
Week | Date | Topic | Readings | Slides |
---|---|---|---|---|
1 | 8/25 | Intro & Security Principles | SS3P Chap. 1, 2.3, 2.7–2.8 | |
Information Protection Abstract, Sec. I.A | ||||
(*) Reflections on Trusting Trust | ||||
2 | 9/1 | No class. Labor Day | ||
3 | 9/8 | Memory & Buffer Overflows | Memory Layout of C Programs | |
Program in Memory | ||||
SS3P Chap. 4.1, 4.2.1 | ||||
Smashing the Stack for Fun and Profit | ||||
(*) Lifetime of Hello World | ||||
4 | 9/15 | Code-reuse Attacks | ret2libc | |
Getting around non-executable stack | ||||
Innocent Flesh on the Bone Sec. 1–3 | ||||
5 | 9/22 | Integer Overflows & Heap Exploitations | Nozzle Sec.1–2 | |
Heap Taichi Sec.1–3 | ||||
6 | 9/29 | Temporal Memory Safety & Format String Vulnerabilities | SS3P Chap. 4.2.2 | |
SeMalloc Sec. 2.1 | ||||
TESO's Format String Paper Sec. 1–3 | ||||
7 | 10/6 | Course Review & Address Space Layout Randomization | SS3P Chap. 6.4.2 | |
ASLR | ||||
(*) ASLR Evaluation 2004 | ||||
(*) ASLR Evaluation 2024 | ||||
8 | 10/13 | Control-flow Integrity | SS3P Chap. 6.4.3, 6.4.6 | |
Shining Light on Shadow Stacks Sec. 1–3 | ||||
CFI Sec. 1, Sec.3 | ||||
9 | 10/20 | Testing and Fuzzing | SS3P Chap. 6 intro, 6.3.1, 6.3.3 | |
10 | 10/27 | Memory Isolation | SS3P Chap. 6.4.8 | |
SFI Sec.1–3 | ||||
Page table entries | ||||
libmpk Sec. 2 | ||||
(*) Hodor | ||||
(*) Silhouette | ||||
11 | 11/3 | Least Privilege Principle & Compartmentalization | AutoPriv Sec. 1–2 | |
SoK: Software Compartmentalization TBD | ||||
12 | 11/10 | Address Sanitizing & Pointer-based Memory Safety | SS3P 6.3.2 | |
ASan Section 1–3 | ||||
SoftBoundCETS Sec. 1–2 | ||||
13 | 11/17 | Type Safety & Safe Programming Languages | SS3P Sec. 4.3 | |
HexType Sec. 1–2 | ||||
Checked C Sec. 1, Sec. 3 | ||||
14 | 11/24 | No class. Thanksgiving | ||
15 | 12/1 | Course Review & Students-led Paper Discussion | ||
16 | 12/8 | Students-led Paper Discussion |