16:198:671:01: Introduction to Software Security

Spring 2009

Latest Announcements

(5/10/09) Grades have been posted and this course has concluded. Old announcements have been archived for your enjoyment and edification. Have an enjoyable summer and good luck!

General Information

Course number: 16:198:671:01, Index: 47225. This course can be used to satisfy "Area B" requirements.
Instructor: Vinod Ganapathy (contact information).
Class hours: Tuesdays from 5:00pm - 8:00pm.
Class location: Hill 254.
Instructor's office hours: Wednesdays, 5:00pm-6:00pm, and by appointment.
Teaching assistant: Mohan Dhawan (email: mdhawan @ cs).
Teaching assistant's office hours: TBD.
Textbooks: Here is the course reading list. For the basics of computer security, I recommend the following freely-available book, which is quite fun to read: Security Engineering, by Ross Anderson.

Course overview

Security vulnerabilities in software cost the economy several billion dollars a year. Why is today's software so vulnerable to exploits? What techniques are attackers using to compromise software? How can we secure software to resist such attacks? Can we design primitives that will help programmers create software that resists such attacks?

This course will seek to answer such questions by covering an exciting range of topics ranging from state-of-the-art techniques used to attack software, as well as techniques to strengthen software to resist attacks. We will study analysis techniques that can be used to understand security properties of software systems and transform them to create secure software.

The course will be based upon readings of research papers, both classics as well as from recent security conferences. A key goal of the course will be to teach the student to think both as an attacker as well as a defender. Consequently we will study both "attack" and "defense" papers. The most exciting part of the course will be a course project where students get to research a topic of their liking, and report their findings in a conference style paper.

Reading list

Here is the reading list for this course. We will discuss papers roughly in the order that they appear on this list, though we will not be discussing all papers on the list. Please see the class schedule for the assigned readings for each week.

Students are expected to read and review the papers before they come to class. These reviews must be mailed to the instructor before class each week (latest by noon on the day of class). We will use class hours to summarize the paper, discuss its key ideas and shortcomings. Reading the paper before class will ensure that we will have more meaningful in-class discussions.

As you read the assigned papers, try to distill each paper as follows:

Problem description: What problem does the paper address? Why is the problem important?
Solution description: What is the solution proposed by the paper? Does it solve the problem in its entirety? If not, what are the assumptions under which the solution works? Are these assumptions reasonable? What aspects of the solution were evaluated in the paper? What aspects were not evaluated? Why not?
Pros and cons -- your opinion: What did you like about the paper? (i.e., What is the "Aha!" point in the paper?) Did you learn any new tricks from this paper that you can add to your toolbox? What did you dislike about the paper? Did the authors hype their solution?
Extensions: What is the next logical step? Did you get any project ideas from this paper? What about longer-term/more ambitious extensions?

Class schedule

Each week, we will discuss two (sometimes three) papers from our reading list according to the schedule below. Papers to be presented by students are marked "S". I will present the other papers in class.

The schedule below is still tentative, and may change over the course of the semester.

Date	Assigned reading	Student presenter	Slides
1/20/2009	Reflections Stack Smashing StackGuard	None	PDF
1/27/2009	Static Overrun Detection Comprehensive Protection (S) Optional: CCured	Nitya	PDF
2/3/2009	Intrusion Detection via Static Analysis Sense of Self for UNIX processes (S) Optional: Format-string vulnerabilities	Huijun and Qiang	PDF
2/10/2009	Control-flow Integrity Backtracking Intrusions (S)	Sangeetha and Krithika	PDF
2/17/2009	Bro End-to-end Protocol Semantics (S)	Deepak and Chirag	PDF
2/24/2009	TaintCheck Patch-based Exploits (S) Optional: EXE	Mudassir	PDF
3/3/2009	Essence of Command Injection Attacks BrowserShield (S)	Zhiyuan	PDF
3/10/2009	MashupOS OP (S) Optional: Chrome	Qingyuan	PDF
3/24/2009	VM Introspection Subvirt (S) Midterm exam out (due on 3/25/2009)	Srihita and Parvathy	PDF
3/31/2009	Semantics-Aware Malware Detection MiniMal (S)	Jigesh	PDF
4/7/2009	Privacy Oracle (S) Dynamic Spyware Analysis (S) Optional: TightLip	Bill and Rezwana	PDF
4/14/2009	BotHunter Spam (S)	Swati	PDF
4/21/2009	TCG Pioneer (S)	Crystal	PDF
4/28/2009	Project Presentations	-	-

Grading

Readings and paper presentation (20%): Each student will be expected to present one or two papers during the course of the semester. In addition, each student will have to send a critical review of the papers assigned for each class. Reviews are due before class each week.
Class participation (5%): Active discussions are what makes a class enjoyable, so I will also factor class participation into the final grade. All the more incentive to contribute to the class discussion!
Exam (25%): There will be a take-home mid-term exam that will test you on the material covered in class.
Research project (50%): The research project is the most important aspect of this class. The course will be front-loaded so that students are exposed to key ideas early and can apply them to their course projects. Front loading the course will also mean that students can invest more time on their projects in the latter half of the semester.

Project

The final project is the main ingredient of this course. Students are expected to conduct original research and report their findings in a conference paper-style project report. The project can either be a new security system, extension of a previously-proposed system, or security analysis of an existing system. Although I will suggest project ideas, students are welcome and are encouraged to suggest their own projects.

The project will have the following checkpoints:

Choosing a project topic. You will first form a team and decide on the project topic. During this phase, you will meet meet as a team, brainstorm ideas, and meet with me to refine the project proposal.
Project proposal. You will submit a short (1-2 page) document stating (i) the problem that you propose to solve; (ii) why the problem is relevant; (iii) proposed solution methodology; and (iv) the research challenges that you expect to face. Once you have submitted the project proposal and have it approved by me, you will begin work on your project. Please start early and work regularly! Don't put things off until the last minute.
Midpoint review + Related work. By this time, you are expected to have made significant progress toward achieving the goals stated in your project proposal, or must have a clear idea of the difficulties that are hampering your progress. You will meet with me to discuss your progress. You are also expected to have conducted a thorough survey of related work in the area, and are expected to have a writeup of related work (you will reuse this in your final project report as well).
Submission of title and abstract of presentation. You will submit a short (1-2 paragraph) abstract describing your project. I will use this to schedule your presentation and advertise your project to the rest of the department.
Class minisymposium. You will present your work to the rest of the class. We will have 15-25 minute presentations, depending on the number of class projects. The minisymposium will be open to the rest of the department, too. Please make your presentations clear and concise. Please follow the links from the resources section of the class webpage for advice on effective presentation.
Submission of final project report. Your final project report must provide a clear description of the problem and solution, and your evaluation. It must closely mimic the style of a conference paper. Since we will have discussed several papers in class, you will be familiar with the format expected. The resources section of the class webpage also contains several links with advice on writing good research papers.

Important dates

Deadline	Milestone
February 24th, 2009	Project proposal due
March 24th, 2009	Midpoint review; Related work sections due
April 21st, 2009	Project titles and abstracts due
April 28th, 2009	Class minisymposium
May 5th, 2009	Final project reports due

More information on the project, including project suggestions, will be posted here over the course of the semester.

Other Resources

Organizations

Tips to read an academic paper

How to read a paper, by Professor S. Keshav, Univerity of Waterloo.

Tips for good technical writing

Writing a technical paper, by Professor Michael Ernst.
Tips for writing technical papers, by Professor Jennifer Widom.
Writing suggestions, by Professor Barton Miller.
Three sins of authors in Computer Science and Math, by Professor Jonathan Shewchuk.
How to write a dissertation, by Professor Douglas Comer (most of the content on this page applies to all forms of technical writing).
The elements of style by William Strunk Jr. and E. B. White (follow the "External links" at the bottom of this page for online copies of this book).

Tips for effective presentation

Giving a technical talk, by Professor Michael Ernst.
Tips for a good conference talk, by Professor Jennifer Widom.
Oral presentation advice, by Professor Mark Hill.
Giving an Academic Talk, by Professor Jonathan Shewchuk.

Vinod Ganapathy