16:198:673:01: Introduction to Software Security

Fall 2007

Latest Announcements

(12/17/07) This course has concluded, and the grades have been posted. Happy holidays! Archived announcements are available here for your enjoyment and edification.

General Information

Course number: 16:198:673:01, Index: 21652.
Instructor: Vinod Ganapathy (contact information).
Class hours: Wednesdays from 3:20pm - 6:20pm.
Class location: Hill 254.
Instructor's office hours: Thursdays, 1:30pm-2:30pm, and the hour immediately following class.

Course overview

Security vulnerabilities in software cost the economy several billion dollars a year. Why is today's software so vulnerable to exploits? What techniques are attackers using to compromise software? How can we secure software to resist such attacks? Can we design primitives that will help programmers create software that resists such attacks?

This course will seek to answer such questions by covering an exciting range of topics ranging from state-of-the-art techniques used to attack software, as well as techniques to strengthen software to resist attacks. We will study analysis techniques that can be used to understand security properties of software systems and transform them to create secure software.

The course will be based upon readings of research papers, both classics as well as from recent security conferences. A key goal of the course will be to teach the student to think both as an attacker as well as a defender. Consequently we will study both "attack" and "defense" papers. The most exciting part of the course will be a course project where students get to research a topic of their liking, and report their findings in a conference style paper.

Reading list

Here is the reading list for this course. We will discuss papers roughly in the order that they appear on this list, though we will not be discussing all papers on the list. Please see the class schedule for the assigned readings for each week.

Students are expected to read and review the papers before they come to class. We will use class hours to summarize the paper, discuss its key ideas and shortcomings. Reading the paper before class will ensure that we will have more meaningful in-class discussions.

Paper summaries must be sent to the instructor via email by noon on the day of class. Please include "673-review" in the subject of your email.

Class schedule

Each week, we will discuss two or three papers from our reading list according to the schedule below.

The schedule below is still tentative, and may change over the course of the semester.

Date	Assigned reading
9/5/2007	Reflections Stack Smashing StackGuard
9/12/2007	Static Overrun Detection Comprehensive Protection Effectiveness of Randomization
9/19/2007	CCured Dynamic Overrun Detection Sense of Self for UNIX processes
9/26/2007	Intrusion Detection via Static Analysis Control-flow Integrity Backtracking Intrusions
10/3/2007	Bro End-to-end Protocol Semantics Language-based NIDS signature generation
10/10/2007	Polygraph TaintCheck EXE
10/17/2007	Saltzer/Schroeder Protection/Lampson Enforceable Security Policies
~~10/24/2007~~ Cancelled	Essence of Command Injection Attacks End-to-end Web App Security
10/31/2007	BrowserShield MashupOS
11/7/2007	VM Introspection Subvirt
11/14/2007	PrivTrans Retrofitting Legacy Code
~~11/21/2007~~ Thanksgiving	Semantics-Aware Malware Detection MiniMal
11/28/2007	TCG Terra
12/5/2007	Denning/Lattice Model Decentralized Label Model
12/12/2007	Project Presentations

Grading

Readings (20%): For each paper that we read in class, students will be expected to provide a short (at most 4 paragraphs) review of the paper. The objective is to teach students to critically analyze a paper and distill its key ideas into a few sentences.
Class participation (10%): Active discussions are what makes a class enjoyable, so I will also factor class participation into the final grade. All the more incentive to contribute to the class discussion!
Research project (70%): The research project is the most important (and probably the most enjoyable) aspect of this class. The course will be front-loaded so that students are exposed to key ideas early and can apply them to their course projects. Front loading the course will also mean that students can invest more time on their projects in the latter half of the semester.

Paper summaries

Students are expected to read and summarize the papers before they come to class. Paper summaries must be sent by email to the instructor by noon on the day of the class (with 673-review in the subject of the email).

Organize your review into three or four paragraphs, as follows:

Problem description.: What problem does the paper address? Why is the problem important?
Solution description: What is the solution proposed by the paper? Does it solve the problem in its entirety? If not, what are the assumptions under which the solution works? Are these assumptions reasonable? What aspects of the solution were evaluated in the paper? What aspects were not evaluated? Why not?
Pros and cons -- your opinion: What did you like about the paper? (i.e., What is the "Aha!" point in the paper?) Did you learn any new tricks from this paper that you can add to your toolbox? What did you dislike about the paper? Did the authors hype their solution?
Extensions: What is the next logical step? Did you get any project ideas from this paper? What about longer-term/more ambitious extensions?

Project

The final project is the main ingredient of this course. Students are expected to conduct original research and report their findings in a conference paper-style project report. The project can either be a new security system, extension of a previously-proposed system, or security analysis of an existing system. Although I will suggest project ideas, students are welcome and are encouraged to suggest their own projects.

The project will have the following checkpoints:

Choosing a project topic. You will first form a team and decide on the project topic. During this phase, you will meet meet as a team, brainstorm ideas, and meet with me to refine the project proposal.
Project proposal. You will submit a short (1-2 page) document stating (i) the problem that you propose to solve; (ii) why the problem is relevant; (iii) proposed solution methodology; and (iv) the research challenges that you expect to face. Once you have submitted the project proposal and have it approved by me, you will begin work on your project. Please start early and work regularly! Don't put things off until the last minute.
Midpoint review + Related work. By this time, you are expected to have made significant progress toward achieving the goals stated in your project proposal, or must have a clear idea of the difficulties that are hampering your progress. You will meet with me to discuss your progress. You are also expected to have conducted a thorough survey of related work in the area, and are expected to have a writeup of related work (you will reuse this in your final project report as well).
Submission of title and abstract of presentation. You will submit a short (1-2 paragraph) abstract describing your project. I will use this to schedule your presentation and advertise your project to the rest of the department.
Class minisymposium. You will present your work to the rest of the class. We will have 15-25 minute presentations, depending on the number of class projects. The minisymposium will be open to the rest of the department, too. Please make your presentations clear and concise. Please follow the links from the resources section of the class webpage for advice on effective presentation.
Submission of final project report. Your final project report must provide a clear description of the problem and solution, and your evaluation. It must closely mimic the style of a conference paper. Since we will have discussed several papers in class, you will be familiar with the format expected. The resources section of the class webpage also contains several links with advice on writing good research papers.

Important dates

Deadline	Milestone
First two weeks of October	Choose a project topic
October 19th, 2007	Project proposal due
November 19th, 2007	Midpoint review; Related work sections due
December 5th, 2007	Project titles and abstracts due
December 12th, 2007	Class minisymposium
December 14th, 2007	Final project reports due

More information on the project, including project suggestions, will be posted here over the course of the semester.

Other Resources

Organizations

Tips for good technical writing

Writing a technical paper, by Professor Michael Ernst.
Tips for writing technical papers, by Professor Jennifer Widom.
Writing suggestions, by Professor Barton Miller.
Three sins of authors in Computer Science and Math, by Professor Jonathan Shewchuk.
How to write a dissertation, by Professor Douglas Comer (most of the content on this page applies to all forms of technical writing).
The elements of style by William Strunk Jr. and E. B. White (follow the "External links" at the bottom of this page for online copies of this book).

Tips for effective presentation

Giving a technical talk, by Professor Michael Ernst.
Tips for a good conference talk, by Professor Jennifer Widom.
Oral presentation advice, by Professor Mark Hill.
Giving an Academic Talk, by Professor Jonathan Shewchuk.

Vinod Ganapathy