EECS 700 - Security and Performance

EECS 700 - Security and Performance
	Prasad Kulkarni EECS Department University of Kansas Course Time: MWF 2:00PM - 2:50PM Course Location: Learned 1131 Office: Eaton 2030 Office Hours: MW: 4:30PM - 5:30PM, F: 3:00PM - 4:00PM (or by appointment)

Course Home

Schedule

Readings

Course Schedule

Date	Topics	Readings
08/21 Fri	Introduction
08/24, 26, 28 Mon, Wed, Fri	Assembly Basics	1. x86 Manuals can be downloaded from: here 2. Local copy of x86 Basic Architecture. 3. x86 Calling Conventions. 4. Assembly Debugging with GDB
08/31 Mon	Buffer Overflows	1. Smashing The Stack For Fun And Profit
09/02 Wed	Other C Vulnerabilities	1. Beyond Stack Smashing 2. Exploiting Format-String Vulnerabilities
09/04 Fri	Assignment 1 -- Due on Sep 25 Resource bundle	ARM Architecture Reference Manual ARM ABI Conventions ARM Procedure Call Conventions
09/07 Mon	Labor Day Holiday
09/09 Wed	Vijay -- slides	Cyclone: A safe dialect of C
09/11 Fri	Mike -- slides	1. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks 2. Propolice (optional/additional reading)
09/14 Mon	Mindy -- slides	1. Hardware and Binary Modification Support for Code Pointer Protection From Buffer Overflow 2. Reference -- PointGuard
09/16 Wed	Victor -- slides	Static tools: 1. ITS4: A Static Vulnerability Scanner for C and C++ Code 2. Static Analysis Tools
09/18 Fri	Ryan -- slides	1. On the Effectiveness of Address-Space Randomization
09/21 Mon	Divya -- slides	1. Low-cost Concurrent Checking of Pointer and Array Accesses in C Programs
09/23 Wed	Ethan --	1. Exterminator: automatically correcting memory errors with high probability
09/25 Fri	Kannan --	1. Archipelago: trading address space for reliability and security
09/28 Mon
09/30 Wed	Prashanth -- slides	Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software
10/02 Fri	Janaki -- slides	A Virtual Machine Introspection Based Architecture for Intrusion Detection
10/05 Mon	Sridhar -- slides	The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments
10/07 Wed	Sashidhar -- slides	Integrating Flexible Support for Security Policies into the Linux Operating System
10/09 Fri	Mason -- slides	Linux Kernel Integrity Measurement Using Contextual Inspection
10/12 Mon	Kyle -- slides	1. Secure Virtual Architecture
10/14 Wed	No Class
10/16 Fri	Fall Break Holiday
10/19 Mon	Internet Security Brian -- slides	A Taxonomy of Computer Worms
10/21 Wed	Mindy -- slides	Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions
10/23 Fri	Vijay -- slides	Introspective 3D Chips
10/26 Mon	Mike -- slides	XSS Video Tutorial 1 XSS Video Tutorial 2 Cross-Site Scripting Prevention with Dynamic Data Tainting and Static analysis
10/28 Wed	Kannan --	The Security Architecture of the Chromium Browser
10/30 Fri	Victor -- slides	CANDID: Preventing SQL Injection Attacks using Dynamic Candidate Evaluations
11/02 Mon	Manohar --	Automatic Creation of SQL Injection and Cross-Site Scripting Attacks
11/04 Wed		Work on group projects
11/06 Fri		Meet in Apollo room, Nichols Hall for tutorial on Linux Kernel Integrity Measurement Using Contextual Inspection
11/09 Mon	Divya -- slides	Finding Security Vulnerabilities in JAVA Applications with Static Analysis
11/11 Wed	Ethan -- slides	Native Client: A Sandbox for Portable, Untrusted x86 Native Code
11/13 Fri	Brian -- slides	Paper change Vista A System for Interactive Code Improvement
11/16 Mon	Prashant -- slides	Why Cryptosystems Fail
11/18 Wed	Sridhar -- slides	Architectural Support for Copy and Tamper Resistant Software
11/20 Fri	Ryan --	Cloud computing security Data Security in the World of Cloud Computing Cloud Computing: An Overview Google File System
11/23 Mon	Kyle -- slides	Compiler Optimizations to Reduce Security Overhead
11/25 Wed	Thanksgiving Break
11/27 Fri	Thanksgiving Break
11/30 Mon	Mason -- slides	Detecting SYN Flooding Attacks
12/02 Wed	Sasidhar -- slides	Security as a New Dimension in Embedded System Design
12/04 Fri
12/07 Mon
12/09 Wed
12/11 Fri	Stop Day -- No Class