16:198:671:01: Introduction to Software Security

Reading List for the Course

This webpage lists the papers that we will discuss over the course of the semester. We will be discussing both classic computer security papers, and recent papers from premier computer security conferences, including the IEEE Symposium on Security and Privacy (Oakland), the ACM Conference on Computer and Communications Security (CCS), USENIX Security Symposium, and the Networked and Distributed Systems Security Symposium (NDSS). Occasionally, we will also read security papers published in programming language and operating system conferences.

We will proceed in roughly the order that papers appear on this list, though in the interest of time, we may not cover all papers on the list. For a detailed class schedule, please visit the course webpage

In most cases, the links below point to the official versions (e.g., the ACM or the IEEE version) of the paper. You can use a Rutgers University machine to access these papers.

Overview

• Reflections on Trusting Trust
  Ken Thompson
  Communications of the ACM, Volume 27, Issue 8, August 1984.
  This is Ken Thompson's Turing Award Lecture.

Vulnerabilities and Exploits

• Smashing the Stack for Fun and Profit
  Aleph One.
  Phrack Magazine, Volume 7, Issue 49, August 1996.

• StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks
  Crispin Cowan, Calton Pu, Dave Maier, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, Qian Zhang, Heather Hinton.
  USENIX Security Symposium, August 1998.

• Efficient Techniques for Comprehensive Protection from Memory Error Exploits
  Sandeep Bhatkar, R. Sekar and Daniel C. DuVarney.
  USENIX Security Symposium, August 2005.

• A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities
  David Wagner, Jeffrey S. Foster, Eric A. Brewer, and Alexander Aiken.
  Networked and Distributed System Security Symposium (NDSS), February 2000.

• CCured: Type Safe Retrofitting of Legacy Software
  George C. Necula, Scott McPeak, and Westley Weimer.
  29th ACM Symposium on Principles of Programming Languages (POPL), January 2002.

• Detecting Format String Vulnerabilities with Type Qualifiers
  Umesh Shankar, Kunal Talwar, Jeffrey S. Foster and David Wagner.
  USENIX Security Symposium, August 2001.

Host-based Intrusion Detection

• A Sense of Self for UNIX Processes
  Stephanie Forrest, Steven Hofmeyr, Anil Somaiyaji and Thomas Longstaff.
  IEEE Symposium on Security and Privacy (Oakland), May 1996.

• Intrusion Detection using Static Analysis
  David Wagner and Drew Dean.
  IEEE Symposium on Security and Privacy (Oakland), May 2000.

• Control Flow Integrity: Principles, Implementations and Applications
  Martin Abadi, Mihai Budiu, Ulfar Erlingsson and Jay Ligatti.
  ACM TISSEC, to appear (2008).

• Backtracking Intrusions
  Samuel T. King and Peter M. Chen.
  ACM TOCS, Volume 23, Number 1, February 2005.

Network-based Intrusion Detection

• Bro: A System for Detecting Network Intruders in Real-Time
  Vern Paxson.
  Computer Networks, Volume 31, December 1999.

• Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics
  Mark Handley, Vern Paxson, Christian Kreibich.
  USENIX Security Symposium, August 2001.

Signature and Exploit Generation

• Dynamic Taint Analysis for Automatic Detection, Analysis and Signature Generation of Exploits on Commodity Software
  James Newsome and Dawn Song.
  Networked and Distributed System Security Symposium (NDSS), February 2005.

• Automatic Patch-based Exploit Generation is Possible: Techniques and Implications
  David Brumley, Pongsin Poosankam, Dawn Song and Jiang Zheng
  IEEE Symposium on Security and Privacy (Oakland), May 2008.

• EXE: Automatically Generating Inputs of Death
  Cristian Cadar, Vijay Ganesh, Peter M. Pawlowski, David L. Dill and Dawson R. Engler.
  13th ACM Conference on Computer and Communications Security (CCS), November 2006.

Web Security and Browser Security

• The Essence of Command Injection Attacks in Web Applications
  Zhendong Su and Gary Wassermann.
  33rd ACM Symposium on Principles of Programming Languages (POPL), January 2006.

• BrowserShield: Vulnerability-Driven Filtering of Dynamic HTML
  Charles Reis, John Dungan, Helen J. Wang, Opher Dubrovsky, and Saher Esmeir.
  USENIX Symposium on Operating System Design and Implementation (OSDI), November 2006.

• Protection and Communication Abstractions for Web Browsers in MashupOS
  Helen J. Wang, XiaoFeng Fan, Collin Jackson and Jon Howell.
  21st ACM Symposium on Operating System Principles (SOSP), October 2007.

• Secure Web Browsing with the OP Web Browser
  Chris Grier, Shuo Tang and Samuel King
  2008 IEEE Symposium on Security and Privacy

• Google Chrome
  Google chrome cartoon book.

Virtual Machines

• A Virtual Machine Introspection Based Architecture for Intrusion Detection
  Tal Garfinkel and Mendel Rosenblum.
  Networked and Distributed System Security Symposium (NDSS), February 2003.

• SubVirt: Implementing Malware using Virtual Machines
  Samuel T. King, Peter M. Chen, Yi-Min Wang, Chad Verbowski, Helen J. Wang, and Jacob R. Lorch.
  IEEE Symposium on Security and Privacy (Oakland), May 2006.

Detecting Modern Malware

• Semantics-aware Malware Detection
  Mihai Christodorescu, Somesh Jha, Sanjit Seshia, Dawn Song, and Randal Bryant.
  IEEE Symposium on Security and Privacy (Oakland), May 2005.

• Mining Specifications of Malicious Behavior
  Mihai Christodorescu, Somesh Jha and Christopher Kruegel.
  ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE), September 2007.

Privacy and Spyware

• Privacy Oracle: A system for finding application leaks with black box differential testing
  J. Jung, A. Sheth, B. Greenstein, D. Wetherall, G. Maganis, and T. Kohno.
  15th ACM Conference on Computer and Communications Security, October 2008.

• TightLip: Keeping Applications from Spilling the Beans
  Aydan R. Yumerefendi, Benjamin Mickle and Landon P. Cox.
  4th USENIX Symposium on Networked Systems Design and Implementation, April 2007.

• Dynamic Spyware Analysis
  Manuel Egele, Christopher Kruegel, Engin Kirda, Heng Yin, and Dawn Song.
  USENIX Annual Technical Symposium, June 2007.

Botnets and Spam

• BotHunter: Detecting Malware Infection Through IDS-Driven Dialog Correlation
  Guofei Gu, Phillip Porras, Vinod Yegneswaran, Martin Fong and Wenke Lee.
  16th USENIX Security Symposium, August 2007.

• Understanding the network-level behavior of spammers
  Anirudh Ramachandran and Nick Feamster.
  ACM SIGCOMM Conference, August 2006

Trusted Computing

• Design and Implementation of a TCG-based Integrity Measurement Architecture
  Reiner Sailer, Xiaolan Zhang, Trent Jaeger and Leendert van Doorn.
  13th USENIX Security Symposium, August 2004.

• Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems
  Arvind Seshadri, Mark Luk, Elaine Shi, Adrian Perrig, Leendert van Doorn, and Pradeep Khosla.
  20th ACM Symposium on Operating System Principles (SOSP), October 2005.