Course Schedule

This schedule is still being refined. The readings will be posted here.

Note that every class for which a reading is assigned requires submission of a review of that paper. In addition, the "Due dates" column indicates other items due on that day.

Date	Topic and Notes	Due dates	Readings for this class
M 8-Jan	Introduction (slides) (recording)
W 10-Jan	How to read a paper (slides) (recording)		Required reading: The Myth of Double-Blind Review Revisited: ACL vs. EMNLP. Cornelia Caragea, Ana Sabina Uban, and Liviu P. Dinu. EMNLP 2019. Optional reading(s): Double Blind Review at SSBSE. Prof. Claire Le Goues.
M 15-Jan	No class, MLK Jr. Day
W 17-Jan	Discussion: end-to-end systems abstraction (Zoom Recording)		No required readings.
M 22-Jan	Foundations: Binaries, Viruses, malware analysis (Slides)		Required reading: Hiding in the Particles: When Return-Oriented Programming Meets Program Obfuscation. Pietro Borrello, Emilio Coppa, and Daniele Cono D'Elia. DSN 2021. Optional reading(s): Smashing the Stack For Fun and Profit. Aleph One. Survivalism: Systematic Analysis of Windows Malware Living-Off-The-Land. Frederick Barr-Smith, Xabier Ugarte-Pedrero, Mariano Graziano, Riccardo Spolaor, and Ivan Martinovic. Oakland 2021.
W 24-Jan	Moving Target Defense (SoK Automated Software Diversity) (slides)		Required reading: SoK: Automated Software Diversity. Per Larsen, Andrei Homescu, Stefan Brunthaler, and Michael Franz. Oakland 2014. Optional reading(s): Survey of Cyber Moving Targets, Second Edition. BC Ward, SR Gomez, RW Skowyra, D Bigelow, JN Martin, JW Landry, and H Okhravi. (MIT Lincoln Laboratory Technical Report)
M 29-Jan	Virtual Machines		Required reading: Spotless Sandboxes: Evading Malware Analysis Systems using Wear-and-Tear Artifacts. Najmeh Miramirkhani, Mahathi Priya Appini, Nick Nikiforakis, and Michalis Polychronakis. (Oakland 2017)
W 31-Jan	Project Pitches and Discussion	Submit your 500-word writeup via the submission system. See here.	No required readings.
M 5-Feb	Evasive malware and CPU Features		Required reading: Using Hardware Features for Increased Debugging Transparency. Fengwei Zhang, Kevin Leach, Angelos Stavrou, Haining Wang, and Kun Sun. Oakland 2015.
W 7-Feb	Automated Malware Analysis	HW1 due at 11:59PM Central	Required reading: Reducing Malware Analysis Overhead with Coverings. Michael Sandborn, Zach Stoebner, Westley Weimer, Stephanie Forrest, Ryan Dougherty, Jules White, and Kevin Leach. TDSC 2023. Optional reading(s): Revising ARM Debugging Features: Nailgun and its Defense. Zhenyu Ning, Chenxu Wang, Yinhua Chen, Fengwei Zhang, and Jiannong Cao. TDSC 2022. Understanding the Security of ARM Debugging Features. Zhenyu Ning and Fengwei Zhang. Oakland 2019.
M 12-Feb	Architectural sidechannels, Hardware Security		(Please read both papers, but only submit a review for Spectre.) Required readings Spectre: Exploiting Speculative Execution. Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. Oakland 2019. Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors. Yoongu Kim, Ross Daly, Jeremie Kim, Chris Fallin, Ji Hye Lee, Donghyuk Lee, Chris Wilkerson, Konrad Lai, and Onur Mutlu. International Symposium on Computer Architecture (ISCA) 2014. Optional reading(s): Meltdown: Reading Kernel Memory from User Space. Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. Usenix Security 2018. Rowhammer slides (visual explanations may help understanding if you are unfamiliar with hardware). RowHammer: A Retrospective. Onur Mutlu and Jeremie S. Kim. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2020.
W 14-Feb	NSA Seminar on Malware Analysis/Reverse Engineering (slides) (The NSA Seminar is 12:45p - 1:45p CT in Buttrick 101. Please attend and see the Piazza for more details). Guest lecture by Matt Howard (recording) This is the regular lecture; Matt is joining remotely. You can either join via Zoom (see the Piazza) or attend in person, where I will project his presentation for your convenience).		No reviews required, but you must read the following: the HW2 specification Optional reading(s): LLVM: A Compilation Framework for Lifelong Program Analysis & Transformation. Chris Lattner and Vikram Adve. Proceedings of the 2004 International Symposium on Code Generation and Optimization (CGO'04).
M 19-Feb	Kernel rootkits		Required reading: KShot: Live Kernel Patching with SMM and SGX. Lei Zhou, Fengwei Zhang, Jinghui Liao, Zhengyu Ning, Jidong Xiao, Kevin Leach, Westley Weimer, and Guojun Wang. In DSN 2021 (best paper runner up).
W 21-Feb	Nation State Attacks, APTs, EDRs		No required review submission. Instead, please be prepared to discuss the Microsoft Digital Defense Report, pages 47 through 69.
M 26-Feb	Machine Learning and Security		Required reading: Stealing Machine Learning Models via Prediction APIs. Florian Tramer, Fan Zhang, Ari Juels, Michael K. Reiter, and Thomas Ristenpart. USENIX Security 2016. Optional readings: Deep Neural Networks are Easily Fooled: High Confidence Predictions for Unrecognizable Images (CVPR2015) Intriguing Properties of Neural Networks (ICLR 204) Google's Cloud Vision API Is Not Robust To Noise (ICMLA 2017) Natural Adversarial Examples (CVPR 2021) Iterative Feature Mining for Constraint-Based Data Collection to Increase Data Diversity and Model Robustness (EMNLP 2020)
W 28-Feb	GPU Security		Required reading: StrongBox: a GPU TEE on ARM Endpoints. Yunjie Deng, Chenxu Wang, Shunchang Yu, Shiqing Liu, Zhenyu Ning, Kevin Leach, Jin Li, Shoumeng Yan, Zhengyu He, Jiannong Cao, Fengwei Zhang. ACMCCS 2022.
M 4-Mar	Project Proposal Presentations (day 1)	Submit your presentation slides and writeup: see here.
W 6-Mar	Project Proposal Presentations (day 2)
M 11-Mar	No class, Spring break
W 13-Mar	No class, Spring break
M 18-Mar	Ethics (of research and security)		Required Reading: On the Feasibility of Stealthily Introducing Vulnerabilities in Open-source Software via Hypocrite Commits. By Qiushi Wu and Kangjie Lu. Formerly in Oakland 2021. Optional reading: Letter from authors withdrawing paper from conference proceedings.
W 20-Mar	Foundations: human studies		Required reading: Neurological Divide: an fMRI Study of Prose and Code Writing. By Ryan Kruger, Yu Huang, Xinyu Liu, Tyler Santander, Westley Weimer, and Kevin Leach. In ICSE 2020. Optional reading: Distilling Neural Representations of Data Structure Manipulation using fMRI and fNIRS. By Yu Huang, Xinyu Liu, Ryan Krueger, Tyler Santander, Xiaosu Hun, Kevin Leach, and Westley Weimer. In ICSE 2019 (ACM Distinguished Paper Award).
M 25-Mar	Project Checkin, HW3, Fuzzing	HW2 due at 11:59PM Central on Tuesday 3/26	No review required, but please read the Homework 3 Specification.
W 27-Mar	Autonomous vehicles		Required reading: START: A Framework for Trusted and Resilient Autonomous Vehicles. Kevin Leach, Christopher Timperley, Kevin Angdtadt, Anh Nguyen-Tuong, Jason Hiser, Aaron Paulos, Partha Pal, Patrick Hurley, Carl Thomas, Jack W. Davidson, Stephanie Forrest, Claire Le Goues, Westley Weimer. In ISSRE 2022. Optional reading(s): Selective Symbolic Type-Guided Checkpointing and Restoration for Autonomous Vehicle Repair. By Yu Huang, Kevin Angstadt, Kevin Leach, and Westley Weimer. In APR 2020. A Comprehensive Study of Autonomous Vehicle Bugs. By Joshua Garcia, Yang Feng, Junjie Shen, Sumaya Almanee, Yuan Xia, and Qi Alfred Chen. In ICSE 2020.
M 1-Apr	Network Security (Slides)		Required reading: A Longitudinal, End-to-End View of the DNSSEC Ecosystem. By Taejoon Chung, Roland van Rijswijk-Deij, Balakrishnan Chandrasekaran, David Choffnes, Dave Levin, Bruce M. Magggs, Alan Mislove, and Christo Wilson. In USENIX 2017. Optional reading: Global Measurement of DNS Manipulation. By Paul Pearce, Ben Jones, Frank Li, Roya Ensafi, Nick Feamster, Nick Weaver, and Vern Paxson. In USENIX 2017.
W 3-Apr	TOR (Slides)		Required reading: Tor: The Second-Generation Onion Router. By Roger Dingledine, Nick Nathewson, and Paul Syverson. In USENIX 2004. Optional reading: Users Get Routed: Traffic Correlation on Tor by Realistic Adversaries. By Aaron Johnson, Chris Wacek, Rob Jansen, Micah Sherr, and Paul Syverson. In CCS 2013.
M 8-Apr	Botnets	HW3 due Tuesday 4/9 at 11:59PM Central	Required reading: Understanding the Mirai Botnet. By Manos Antonakakis, Tim April, Michael Bailey, Matthew Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J. Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou. In USENIX 2017.
W 10-Apr	Cryptocurrency		Required reading: Bitcoin: A Peer-to-Peer Electronic Cash System. By "Satoshi Nakamoto" (pseudonym). This is the original Bitcoin whitepaper.
M 15-Apr	(no class; ICSE 2024)
W 17-Apr	(no class; ICSE 2024)	Final Presentations Due Submit your presentation slides and writeup: see here.	Note you must submit your recording as an unlisted YouTube videos. Your writeup is submitted on the submission portal. You mustinclude your YouTube video link in your final report writeup.
M 22-Apr	TBA: probably career development.	Peer evaluations of Final Presentations due.

There are no exams for this class.