EECS 700 - Security and Performance
Prasad Kulkarni
EECS Department
University of Kansas

Course Time: MWF 2:00PM - 2:50PM
Course Location: Learned 1131

Office: Eaton 2030
Office Hours: MW: 4:30PM - 5:30PM,
                           F: 3:00PM - 4:00PM
                       (or by appointment)
Course Home Schedule Readings

Course Schedule

Date Topics Readings
08/21 Fri Introduction
08/24, 26, 28 Mon, Wed, Fri Assembly Basics 1. x86 Manuals can be downloaded from: here
2. Local copy of x86 Basic Architecture.
3. x86 Calling Conventions.
4. Assembly Debugging with GDB
08/31 Mon Buffer Overflows 1. Smashing The Stack For Fun And Profit
09/02 Wed Other C Vulnerabilities 1. Beyond Stack Smashing
2. Exploiting Format-String Vulnerabilities
09/04 Fri Assignment 1 -- Due on Sep 25
Resource bundle
ARM Architecture Reference Manual
ARM ABI Conventions
ARM Procedure Call Conventions
09/07 Mon Labor Day Holiday
09/09 Wed Vijay -- slides Cyclone: A safe dialect of C
09/11 Fri Mike -- slides 1. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks
2. Propolice (optional/additional reading)
09/14 Mon Mindy -- slides 1. Hardware and Binary Modification Support for Code Pointer Protection From Buffer Overflow
2. Reference -- PointGuard
09/16 Wed Victor -- slides Static tools:
1. ITS4: A Static Vulnerability Scanner for C and C++ Code
2. Static Analysis Tools
09/18 Fri Ryan -- slides 1. On the Effectiveness of Address-Space Randomization
09/21 Mon Divya -- slides 1. Low-cost Concurrent Checking of Pointer and Array Accesses in C Programs
09/23 Wed Ethan -- 1. Exterminator: automatically correcting memory errors with high probability
09/25 Fri Kannan -- 1. Archipelago: trading address space for reliability and security
09/28 Mon
09/30 Wed Prashanth -- slides Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software
10/02 Fri Janaki -- slides A Virtual Machine Introspection Based Architecture for Intrusion Detection
10/05 Mon Sridhar -- slides The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments
10/07 Wed Sashidhar -- slides Integrating Flexible Support for Security Policies into the Linux Operating System
10/09 Fri Mason -- slides Linux Kernel Integrity Measurement Using Contextual Inspection
10/12 Mon Kyle -- slides 1. Secure Virtual Architecture
10/14 Wed No Class
10/16 Fri Fall Break Holiday
10/19 Mon Internet Security
Brian -- slides
A Taxonomy of Computer Worms
10/21 Wed Mindy -- slides Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions
10/23 Fri Vijay -- slides Introspective 3D Chips
10/26 Mon Mike -- slides XSS Video Tutorial 1
XSS Video Tutorial 2
Cross-Site Scripting Prevention with Dynamic Data Tainting and Static analysis
10/28 Wed Kannan -- The Security Architecture of the Chromium Browser
10/30 Fri Victor -- slides CANDID: Preventing SQL Injection Attacks using Dynamic Candidate Evaluations
11/02 Mon Manohar -- Automatic Creation of SQL Injection and Cross-Site Scripting Attacks
11/04 Wed Work on group projects
11/06 Fri Meet in Apollo room, Nichols Hall for tutorial on
Linux Kernel Integrity Measurement Using Contextual Inspection
11/09 Mon Divya -- slides Finding Security Vulnerabilities in JAVA Applications with Static Analysis
11/11 Wed Ethan -- slides Native Client: A Sandbox for Portable, Untrusted x86 Native Code
11/13 Fri Brian -- slides Paper change
Vista A System for Interactive Code Improvement
11/16 Mon Prashant -- slides Why Cryptosystems Fail
11/18 Wed Sridhar -- slides Architectural Support for Copy and Tamper Resistant Software
11/20 Fri Ryan -- Cloud computing security
Data Security in the World of Cloud Computing
Cloud Computing: An Overview
Google File System
11/23 Mon Kyle -- slides Compiler Optimizations to Reduce Security Overhead
11/25 Wed Thanksgiving Break
11/27 Fri Thanksgiving Break
11/30 Mon Mason -- slides Detecting SYN Flooding Attacks
12/02 Wed Sasidhar -- slides Security as a New Dimension in Embedded System Design
12/04 Fri
12/07 Mon
12/09 Wed
12/11 Fri Stop Day -- No Class