Below is the calendar for this semester course. This is the preliminary schedule, which will be altered as the semester progresses. It is the responsibility of the students to frequently check this web-page for schedule, readings, and assignment changes. As the professor, I will attempt to announce any change to the class, but this web-page should be viewed as authoritative. If you have any questions, please contact me (contact information is available at the course homepage).

Readings for Discussion
(do readings before class)
08/22/11 Introduction and Attacks
Course syllabus. link Presenter:
Candidate Paper List link Presenter:
08/29/11 Current Attacks in Detail
(Slides) (Slides) (Slides)
Return-Oriented Programming: Systems, Languages, and Applications. Ryan Roemer, Erik Buchanan, Hovav Shacham, and Stefan Savage. ACM Transactions on Information and System Security (TISSEC), 2011. To appear. link Presenter:
W32.Stuxnet Dossier, Version 1.4. Nicolas Falliere, Liam O Murchu, and Eric Chien. Symantec Security Response, February 2011. link Presenter:
09/05/11 Secure Systems Basics
(Slides) (Slides) (Slides)
Trusted Computer System Evaluation Criteria ("Orange Book"). DoD 5200.28-STD, US Department of Defense. December 1985. link Presenter:
StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. Crispin Cowan, Calton Pu, Dave Maier, Heather Hintony, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, PerryWagle and Qian Zhang USENIX Security Symposium, January 1998. link Presenter:
Integrating Flexible Support for Security Policies into the Linux Operating System. Peter Loscocco and Stephen Smalley. Freenix Track: USENIX Annual Technical Conference. June 2001. link Presenter:
09/12/11 Static Analysis Foundations
Text, Chapter 1 and 2.1 and 2.2.1 link Presenter:
Abstract Interpretation: A Unified Lattice Model for Static Analysis of Programs by Construction or Approximation of Fixpoints. Patrick Cousot and Radhia Cousot. Principles of Programming Languages. January, 1977. link Presenter:
09/19/11 Detecting Bugs in Programs
(Slides) (Slides) (Slides)
RMSolver (see RMSolve/Instructions.rtf) Due 10/12/11 link
Text, Chapter 2.2.2-2.2.3 link Presenter:
A System and Language for Building System-Specific Static Analyses. Seth Hallem, Benjamin Chelf, Yichen Xie, and Dawson Engler. Programming Language Design and Implementation. 2002. link Presenter:
Control Flow Integrity: Principles, Implementations, and Applications. Martin Abadi, Mihai Budiu, Ulfar Erlingsson, and Jay Ligatti. Conference on Computer and Communications Security. 2005. link Presenter:
Andy Chou's Coverity Slides link Presenter:
09/26/11 Rehof-Mogensen Solver
Tractable constraints in finite semilattices. J. Rehof and T. Mogensen. Proceedings of the Third International Symposium on Static Analysis. 1996. link Presenter:
10/03/11 Analysis of Security Policies
(Slides) (Slides) (Slides)
Text, Chapter 2.2.3 link Presenter:
Analyzing Integrity Protection in the SELinux Example Policy Trent Jaeger, Reiner Sailer, and Xiaolan Zhang. USENIX Security Symposium. 2003. link Presenter:
Policy Analysis for Security-Enhanced Linux Beata Sarna-Starosta and Scott D. Stoller Workshop on Issues in the Theory of Security (WITS). 2004. (Nirupama) link Presenter:
JFlow: Practical Mostly-Static Information Flow Control. Andrew Myers. Principles of Programming Languages. 1999. (Nirupama) link Presenter:
10/10/11 Constraint Solving
(Slides) (Slides) (Slides)
Text, Chapter 2.2.5 link Presenter:
Boolean Satisfiability: From Theoretical Hardness to Practical Success. Sharad Malik and Lintao Zhang. Communications of the ACM, Volume 52, Number 8, August 2009. link Presenter:
Declarative Infrastructure Configuration Synthesis and Debugging. Sanjai Narain, Gary Levin, Vikram Kaul, and Sharad Malik, Journal of Network and Systems Management. 2008. (Adam) link Presenter:
10/17/11 Compiler Infrastructure
(Slides) (Slides) (Slides)
Text, Chapter 3.1 and 3.2 link Presenter:
CCured: Type-Safe Retrofitting of Legacy Code. George Necula, Scott McPeak, and Westley Weimer. Principles of Programming Languages. 2002. (Phil) link Presenter:
LLVM: A Compilation Framework for Lifelong Program Analysis and Transformation. Chris Lattner and vikram Adve. International Symposium on Code Generation and Optimization. 2004. (Nirupama) link Presenter:
10/24/11 Namespaces
(Slides) (Slides)
Exploiting Unix File-System Races via Algorithmic Complexity Attacks. Xiang Cai, Yuwei Gui, and Rob Johnson. IEEE Symposium on Security and Privacy. May 2009. (Phil) link Presenter:
Where Do You Want to Go Today? Escalating Privileges by Pathname Manipulation. Suresh Chari, Shai Halevi, and Wietse Venema. Network and Distributed Systems Symposium. 2010. link Presenter:
10/31/11 Attack Graphs
(Slides) (Slides) (Slides)
A Scalable Approach to Attack Graph Generation. Xinming Ou, Wayne F. Boyer, and Miles A. McQueen. Conference on Computer and Communications Security. 2006. (Phil) link Presenter:
Towards System-Wide, Deployment-Specific MAC Policy Generation for Proactive Integrity Mediation. Sandra Rueda, Divya Muthukumaran, Hayawardh Vijayakumar, Trent Jaeger, Swarat Chaudhuri. NSRC Tech Report. 2011. link Presenter:
11/07/11 Summary Functions
(Slides) (Slides) (Slides)
Two approaches to inter-procedural data-flow analysis (Part 1). M. Sharir and A. Pnueli. Program Flow Analysis: Theory and Applications. 1981. link Presenter:
Two approaches to inter-procedural data-flow analysis (Part 2). M. Sharir and A. Pnueli. Program Flow Analysis: Theory and Applications. 1981. link Presenter:
Compositional may-must program analysis: Unleashing the power of alternation. P. Godefroid, A. V. Nori, S. K. Rajamani, and S. Tetali. Symposium on Principles of Programming Languages. 2010. link Presenter:
11/14/11 More Static Analysis
(Slides) (Slides)
Static Detection of Security Vulnerabilities in Scripting Languages. Yichen Xie and Alex Aiken. USENIX Security Symposium. (Adam) link Presenter:
Differential Slicing: Identifying Causal Execution Differences for Security Applications. Noah M. Johnson et al. IEEE Symposium on Security and Privacy. 2011. link Presenter:
The Clang Static Analyzer link Presenter:
11/21/11 Thanksgiving - No class
11/28/11 Runtime Analysis
(Slides) (Slides)
Runtime Verification of Authorization Hook Placement for the Linux Security Modules Framework. Antony Edwards, Trent Jaeger, and Xiaolan Zhang. Conference on Computer and Communications Security. 2002. link Presenter:
KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs. Cristian Cadar, Daniel Dunbar, and Dawson Engler. Operating System Design and Implementation. 2008. (Adam) link Presenter:
12/05/11 Pulling It All Together
12/12/11 Final Exam