Below is the calendar for this semester course. This is the preliminary schedule, which will be altered as the semester progresses. It is the responsibility of the students to frequently check this web-page for schedule, readings, and assignment changes. As the professor, I will attempt to announce any change to the class, but this web-page should be viewed as authoritative. If you have any questions, please contact me (contact information is available at the course homepage).

Readings for Discussion
(do readings before class)
Course syllabus link
Fast and Vulnerable: A Story of Telematic Failures. Ian Foster, Andrew Prudhomme, Karl Koscher, and Stefan Savage, USENIX Workshop on Offensive Technologies, 2015. link
Operating Systems Security - Chs 1 and 4 link
Chapter 2: Why Systems Are Not Secure?. Morrie Gasser, in Building a Secure Computer System, 1988. link
The Risks Digest link
Common Vulnerabilities and Exposures link
Common Weakness Enumeration link
Security Focus: BugTraq link
09/01/15Security Principles
Operating Systems Security - Ch 2 link
Protection. Butler Lampson, Proc. 5th Princeton Conf. on Information Sciences and Systems, 1971. link
Reference Monitor Concept, Trent Jaeger, Encyclopedia of Cryptography and Security, 2010. link
Computer Security Archives Project, Matt Bishop. link
Operating Systems Security, Chapter 3 link
Introduction and Overview of the Multics System F. J. Corbato and V. A. Vyssotsky, in Proceedings of the Fall Joint Computer Conference, 1965. link
09/08/15Linux Security Modules
Operating Systems Security, Chapter 9 link
Linux Security Modules: General Security Support for the Linux Kernel. Chris Wright et al. In Proceedings of the 11th USENIX Security Symposium, August 2002. link
Using CQUAL for static analysis of authorization hook placement. Xiaolan Zhang, Antony Edwards, Trent Jaeger. In Proceedings of the 11th USENIX Security Symposium, August 2002. link
Course Project Proposal - Due 9/25/15
Operating Systems Security, Chapter 5 link
LOMAC: Low Water-Mark Integrity Protection for COTS Environments. Timothy Fraser. In Proceedings of the 2000 IEEE Symposium on Security and Privacy, 2000. link
A Comparison of Commercial and Military Computer Security Policies. David D. Clark and David R. Wilson. In Proceedings of the 1987 IEEE Symposium on Security and Privacy, 1987. link
(Slides) (Slides)
Operating Systems Security, Chapter 8 link
Integrating Flexible Support for Security Policies into the Linux Operating System, Peter Loscocco and Stephen Smalley. In Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, 2001. link
09/17/15Control-Flow Integrity
Control-flow Integrity. Martin Abadi, Mihai Budiu, Ulfar Erlingsson, and Jay Ligatti, in Proceedings of the 12th ACM Conference on Computer and Communications Security, 2005. link
Control-flow Bending: On the Effectiveness of Control-Flow Integrity. Nicolas Carlini, Antonio Barresi, Mathias Payer, David Wagner, Thomas R. Gross, in Proceedings of the 24th USENIX Security Symposium, 2015. link
09/22/15Program Diversity
An Analysis of Address Space Layout Randomization in Windows Vista. O. Whitehouse. Symantec Report, 2007. link
Readactor: Practical Code Randomization Resilient to Memory Disclosure. Stephen Crane, Christopher Liebchen, Andrei Homescu, Lucas Davi, Per Larsen, Ahmad-Reza Sadeghi, Stefan Brunthaler, Michael Franz, IEEE Symposium on Security and Privacy, 2015. link
The Case for Less Predictable Operating System Behavior. Ruimin Sun, Donald E. Porter, Daniela Oliveira, Matt Bishop, Hot Topics on Operating Systems, 2015. link
09/24/15Program Diversity
09/29/15Confused Deputy
The Confused Deputy (or why capabilities might have been invented). Norm Hardy. Operating Systems Review, pp. 36-38, Oct. 1988. link
JIGSAW: Protecting Resource Access by Inferring Programmer Expectations. Hayawardh Vijayakumar, Xinyang Ge, Mathias Payer, and Trent Jaeger, 23rd USENIX Security Symposium, 2014. link
10/01/15Program Retrofitting
Leveraging 'Choice' in Authorization Hook Placement. Divya Muthukumaran, Trent Jaeger, and Vinod Ganapathy. In 19th ACM Conference on Computer and Commumications Security, 2012. link
DIFC Programs by Automatic Instrumentation. William R. Harris, Somesh Jha, and Thomas Reps, in Computer and Communications Security (CCS), 2010. link
10/06/15Fall Break - No class
10/08/15Fall Break - No class
10/13/15Fall Break - No class
10/15/15Fall Break - No class
10/20/15Capability Systems
Operating Systems Security, Chapter 10 link
On the Inability of an Unmodified Capability Machine to Enforce the *-Property. W. E. Boebert, 7th DOD/NBS Computer Security Conference, 1984. link
A Secure Identity-Based Capability System. Li Gong, 1989 IEEE Symposium Security and Privacy, May 1989. link
10/22/15Malware Detection
The Art of Unpacking. Mark Vincent Yason, BlackHat 2007. link
Effective and Efficient Malware Detection at the End Host. Clemens Kolbitsch, Paolo Milani Comparetti, Christopher Kruegel, Engin Kirda, Xiaoyong Zhou, and XiaoFeng Wang, 18th USENIX Security Symposium, 2009. link
Using Hardware Features for Increased Debugging Transparency. Fengwei Zhang, Kevin Leach, Angelos Stavrou, Haining Wang, and Kun Sun, IEEE Symposium on Security and Privacy, 2015. link
10/27/15Security Kernels
Operating Systems Security, Chapter 6 link
Fault Isolation for Device Drivers. Jorrit N. Herder, Herbert Bos, Ben Gras, Philip Homburg, and Andrew S. Tanenbaum, in Proceedings of the 39th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN'09), pgs. 33-42, July 2009. link
10/29/15Virtual Machine Systems
Operating Systems Security, Chapter 11 link
Splitting Interfaces: Making Trust Between Applications and Operating Systems Configurable. Richard Ta-Min, Lionel Litty and David Lie, in Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation (OSDI 2006). Pages 279-292. November 2006. link
11/03/15Virtual Machine Systems
Operating Systems Security, Chapter 11 link
Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems. Xiaoxin Chen, Tal Garfinkel, E. Christopher Lewis, Pratap Subrahmanyam, Carl A. Waldspurger (VMware), Dan Boneh (Stanford), Jeffrey Dwoskin (Princeton), and Dan R.K. Ports (MIT), in Proceedings of the 2008 Conference on Architectural Support for Programming Languages and Operating Systems, 2008. link
11/05/15Cloud Computing Security
(Slides) (Slides)
Midterm (Take Home - Due 11/15/15 11:59pm)link
Inevitable Failure: The Flawed Trust Assumption in the Cloud. Yuqiong Sun, Giuseppe Petracca, Trent Jaeger, in Cloud Computing Security Workshop, 2014. link
Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services. Nuno Santos, Rodrigo Rodrigues, Krishna P. Gummadi, Stefan Saroiu, in Proceedings of the 21st USENIX Security Symposium, 2012. link
Unicorn: Two-Factor Attestation for Data Security. Mohammad Mannan, Beom Heyn Kim, Afshar Ganjali and David Lie, in Proceedings of the 18th ACM Conference on Computer and Communications Security (CCS 2011). Pages 17-28. October 2011. link
11/10/15Program Information Flow Control
A Decentralized Model for Information Flow Control. Andrew Myers and Barbara Liskov, in Proceedings of the 16th ACM Symposium on Operating Systems Principles, 1997. link
11/12/15System Information Flow Control
Information flow control for standard OS abstractions. Maxwell Krohn et al, in Proceedings of the ACM Symposium on Operating Systems Principles, 2007. link
11/17/15System Information Flow Control
(Slides) (Slides)
Information flow control for standard OS abstractions. Maxwell Krohn et al, in Proceedings of the ACM Symposium on Operating Systems Principles, 2007. link
11/19/15Symbolic Execution
(Slides) (Slides)
KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems. Cristian Cadar, Daniel Dunbar, Dawson Engler, in Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation, 2008. link
AEG: Automatic Exploit Generation. Thanassis Avgerinos, Sang Kil Cha, Brent Lim Tze Hao and David Brumley, in Proceedings of the 2011 Network and Distributed System Security Symposium, Feb. 2011. link
11/24/15Thanksgiving Break - No class
11/26/15Thanksgiving Break - No class
12/01/15Hardware Advances for Security
SPROBES: Enforcing Kernel Code Integrity on the TrustZone Architecture. Xinyang Ge, Hayawardh Vijayakumar, and Trent Jaeger, Mobile Security Technologies Workshop, 2014. link
VC3: Trustworthy Data Analytics in the Cloud using SGX. Felix Schuster, Manuel Costa, Cedric Fournet, Christos Gkantsidis, Marcus Peinado, Gloria Mainar-Ruiz, Mark Russinovich, IEEE Symposium on Security and Privacy, 2015. link
12/03/15Student Project Presentations
12/08/15New Threats
Type Casting Verification: Stopping an Emerging Attack Vector. Byoungyoung Lee, Chengyu Song, Taesoo Kim, and Wenke Lee, USENIX Security Symposium, 2015. link
Problems with the Static Root of Trust for Measurement. John Butterworth, Corey Kallenberg, Xeno Kovah, Amy Herzog, BlackHat, 2013. link
Abusing Windows Management Instrumentation (WMI) to Build a Persistent, Asyncronous, and Fileless Backdoor. Matt Graeber, BlackHat, 2015. link
12/15/15Final Exam (10:10am-12pm 109 Walker)