CAP6135: Malware and Software Vulnerability Analysis (Spring 2015)
Schedule notes
Class 1 (01/13): Course introduction, Software security introduction
Class 2 (01/15): Software security intro (continue); term project description (potential term project topics)
Class 3 (01/20): Basic network security introduction
Class 4 (01/22): Network security intro (continue); Stack Overflow I: Attack Introduction
Class 5 (01/27): Stack Overflow I: Attack Introduction (continue)
Class 6 (01/29): Stack Overflow I: continue; Stack Overflow example using GDB; Programming Project 1 is released and due Feb. 9th midnight via WebCourse
Class 7 (02/03): Stack Overflow II: Defense
Class 8 (02/05): Find Software Bugs
Class 9 (02/10): Find software bugs (continue); Introduce instructor's ACSAC'07 best student award paper on fuzzing
Class 10 (02/12): Email Spam and Phishing Attacks; Homework 1 is assigned and due Feb. 19th midnight
Class 11 (02/17): Email Spam (continue); Example of man-made vulnerable code (fuzzTest-target.c, fuzzTest100.c) and explanation slides
Class 12 (02/19): Explanation of programming project 2; Programming project 2 is assigned and due Mar. 3rd midnight; Term project proposal slides are due Mar. 4th midnight
Class 13 (02/24): Program Verification & Other Types of Vulnerabilities
Class 14 (02/26): Botnets; Paper presentation and Paper summary
Class 15 (03/03): Network Traffic Monitoring Using Wireshark
Class 16 (03/05): Term project proposal presentation
Class 17 (03/17): Paper presentation: Continue Wireshark introduction; Programming project 3 is released and due Mar. 29th midnight via WebCourse
(Joshua Keller) "Analyzing Spammers' Social Networks For Fun and Profit -- A Case Study of Cyber Criminal Ecosystem on Twitter."
Class 18 (03/19): Paper presentation:
(Rohit Durvasula) "The Impact of Vendor Customizations on Android Security"
(Mohammed ALMARRI) "Timing Analysis of Keystrokes and Timing Attacks on SSH"
(Aleksandr Nikolaev) "BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic."
Class 19 (03/24): Paper presentation:
(Rouda Al-Kuwari) "Efficient and Scalable Socware Detection in Online Social Networks"
(Jaskaran Bhatti) "Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis."
(Vivek Veeriah) "EXE: automatically generating inputs of death"
Class 20 (03/26): First paper summary assignment is assigned for online session students
Paper presentation:
(Vishnu Vidyan) "DART: directed automated random testing"
(Vinay Chander) "Preserving Link Privacy in Social Network Based Systems"
(Aritz Lopez de Brinas Gorosabel) "Detecting Passive Content Leaks and Pollution in Android Applications"
Class 21 (03/31): Paper presentation:
(Anusuya Arunachalam) "Verifiable privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking"
(Sailakshmivaishnavi Kalidindi) "Lares: An Architecture for Secure Active Monitoring Using Virtualization"
Class 22 (04/02): Paper presentation:
(Tripti Gupta) "TaintEraser: protecting sensitive data leaks using application-level taint tracking"
(Sindhu Muttineni) "Privacy-preserving public auditing for data storage security in cloud computing"
(Segrey Kovalenko) "An Advanced Hybrid Peer-to-Peer Botnet"
Class 23 (04/07): Paper presentation:
(Gangadhar Mahadevan) "DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation"
(Vinay Hegde Ganapati) "Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software"
(Nishanth Athelli) "On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces"
Class 24 (04/09): Paper presentation:
(Shrutha Keerthi Gandla) "TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection"
(Guillermo A. Gomez) "Large-Scale Privacy-Preserving Mapping of Human Genomic Sequences on Hybrid Clouds"
(Kumar Raghav Poojari) "BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection."
Class 25 (04/14): Paper presentation:
(Anvesh Thota) Garfinkel, Tal and Pfaff, Ben and Chow, Jim and Rosenblum, Mendel and Boneh, Dan. "Terra: A Virtual Machine-based Platform for Trusted Computing"
(Basundhara Dey) "A Study of Android Application Security"
Class 26 (04/16): Paper presentation:
(Kexin Liao) "P2PWNED: Modeling and Evaluating the Resilience of Peer-to-Peer Botnets"
(Navjot Singh Chhoker) "Protecting Browsers from Extension Vulnerabilities"
Class 27 (04/21): Paper presentation:
(Shreyas Somashekara) "Whispers in the Hyper-space: High-bandwidth and Reliable Covert Channel Attacks inside the Cloud"
(Josh Eberst) "Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds"
Class 28 (04/23): Virus Introduction; Our Globecom'14 paper on click-tracking blocker
Term project presentation at the Final exam time (05/05 10:00am-12:50pm): Term project submission is due May 3rd midnight via WebCourse; each presentation lasts 10 to 15 minutes
In-Class Paper Presentation Paper List:
Fuzzing
1. (Vishnu Vidyan) "DART: directed automated random testing", Godefroid, Patrice; Klarlund, Nils; Sen, Koushik. ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), 2005.
2. (Vivek Veeriah) "EXE: automatically generating inputs of death", Cadar, Cristian and Ganesh, Vijay and Pawlowski, Peter M. and Dill, David L. and Engler, Dawson R. ACM Transactions on Information and System Security, 2008.
3. (Shrutha Keerthi Gandla) "TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection", Tielei Wang, Tao Wei, Guofei Gu, Wei Zou. IEEE Symposium on Security & Privacy (Oakland'10), 2010. (Best Student Paper Award)
Tainted Analysis
1. (Vinay Hegde Ganapati) "Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software", James Newsome, Dawn Song, Network and Distributed Systems Security Symposium (NDSS), 2005.
2. (Gangadhar Mahadevan) "DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation". Min Gyung Kang, Stephen McCamant, Pongsin Poosankam, and Dawn Song. Proceedings of the 18th Annual Network and Distributed System Security Symposium (NDSS), 2011.
3. (Tripti Gupta) "TaintEraser: protecting sensitive data leaks using application-level taint tracking". David (Yu) Zhu, Jaeyeon Jung, Dawn Song, Tadayoshi Kohno, and David Wetherall. SIGOPS Oper. Syst. Rev., vol. 45(1), page(s): 142-154. January 2011.
Cloud Security
1. (Josh Eberst) "Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds", Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security (CCS), Chicago, IL, November 2009.
2. (Anusuya Arunachalam) "Verifiable privacy-preserving multi-keyword text search in the cloud supporting similarity-based ranking," W. Sun, B. Wang, N. Cao, M. Li, W. Lou, Y.T. Hou, and H. Li, IEEE Transactions on Parallel and Distributed Systems (TPDS), 2014.
3. (Sindhu Muttineni) "Privacy-preserving public auditing for data storage security in cloud computing", Cong Wang, Qian Wang, Kui Ren, Wenjing Lou, IEEE INFOCOM, 2010.
4. (Guillermo A. Gomez) "Large-Scale Privacy-Preserving Mapping of Human Genomic Sequences on Hybrid Clouds", Yangyi Chen, Bo Peng, Xiaofeng Wang and Haixu Tang, NDSS Symposium 2012.
Botnet
1. (Kumar Raghav Poojari) Guofei Gu, Roberto Perdisci, Junjie Zhang, and Wenke Lee. "BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection." In Proceedings of the 17th USENIX Security Symposium (Security'08), San Jose, CA, 2008.
2. (Segrey Kovalenko) Ping Wang, Sherri Sparks, Cliff C. Zou. "An Advanced Hybrid Peer-to-Peer Botnet", IEEE Transactions on Dependable and Secure Computing, 7(2), 113-127, April-June, 2010.
3. (Kexin Liao) "P2PWNED: Modeling and Evaluating the Resilience of Peer-to-Peer Botnets", Rossow, C.; Andriesse, D.; Werner, T.; Stone-Gross, B.; Plohmann, D.; Dietrich, C.J.; Bos, H., IEEE Symposium on Security and Privacy, 2013.
4. (Aleksandr Nikolaev) Guofei Gu, Junjie Zhang, and Wenke Lee. "BotSniffer: Detecting Botnet Command and Control Channels in Network Traffic." In Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS'08), San Diego, CA, February 2008.
Smartphone Security
1. (Aritz Lopez de Brinas Gorosabel) Yajin Zhou, Xuxian Jiang, "Detecting Passive Content Leaks and Pollution in Android Applications," Proceedings of the 20th Network and Distributed System Security Symposium (NDSS 2013), San Diego, CA, February 2013.
2. (Basundhara Dey) "A Study of Android Application Security", William Enck, Damien Octeau, Patrick McDaniel, and Swarat Chaudhuri, USENIX Security Symposium, August 2011.
3. (Rohit Durvasula) Lei Wu, Michael Grace, Yajin Zhou, Chiachih Wu, Xuxian Jiang, "The Impact of Vendor Customizations on Android Security," Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS 2013), Berlin, Germany, November 2013.
4. (Jaskaran Bhatti) Yuan Zhang, Min Yang, Bingquan Xu, Zhemin Yang, Guofei Gu, Peng Ning, X. Sean Wang and Binyu Zang. "Vetting Undesirable Behaviors in Android Apps with Permission Use Analysis." In Proc. of the 20th ACM Conference on Computer and Communications Security (CCS’13), Berlin, Germany, November 2013.
Social Networking Security
1. (Joshua Keller) Chao Yang, Robert Harkreader, Jialong Zhang, Seungwon Shin, and Guofei Gu. "Analyzing Spammers' Social Networks For Fun and Profit -- A Case Study of Cyber Criminal Ecosystem on Twitter." In Proceedings of the 21st International World Wide Web Conference (WWW'12), Lyon, France, April 2012.
2. (Vinay Chander) "Preserving Link Privacy in Social Network Based Systems". Prateek Mittal, Charalampos Papamanthou, Dawn Song. Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS). February 2013.
3. (Rouda Al-Kuwari) "Efficient and Scalable Socware Detection in Online Social Networks", Md Sazzadur Rahman, Ting-Kai Huang, Harsha V. Madhyastha, Michalis Faloutsos, USENIX Security Symposium 2012.
Virtual Machine Security
1. (Anvesh Thota) Garfinkel, Tal and Pfaff, Ben and Chow, Jim and Rosenblum, Mendel and Boneh, Dan. "Terra: A Virtual Machine-based Platform for Trusted Computing", Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles (SOSP'03), 2003.
2. (Sailakshmivaishnavi Kalidindi) Payne, Bryan D. and Carbone, Martim and Sharif, Monirul and Lee, Wenke, "Lares: An Architecture for Secure Active Monitoring Using Virtualization", Proceedings of the 2008 IEEE Symposium on Security and Privacy (SP '08), 2008.
3. Ryan Riley, Xuxian Jiang, Dongyan Xu, "Guest-Transparent Prevention of Kernel Rootkits with VMM-based Memory Shadowing," Proceedings of the 11th International Symposium on Recent Advances in Intrusion Detection (RAID 2008), Boston, MA, September 2008.
4. Zhi Wang, Xuxian Jiang, "HyperSafe: A Lightweight Approach to Provide Lifetime Hypervisor Control-Flow Integrity," Proceedings of the 31st IEEE Symposium on Security and Privacy (Oakland 2010), Oakland, CA, May 2010.
Side-Channel Attack
1. (Mohammed ALMARRI) "Timing Analysis of Keystrokes and Timing Attacks on SSH". Song, Dawn Xiaodong and Wagner, David and Tian, Xuqing, USENIX Security Symposium, 2001.
2. (Nishanth Athelli) "On the Feasibility of Side-Channel Attacks with Brain-Computer Interfaces", Ivan Martinovic, Doug Davies, Mario Frank, Daniele Perito, Tomas Ros, Dawn Song, USENIX Security Symposium 2012.
3. (Shreyas Somashekara) Zhenyu Wu, Zhang Xu, and Haining Wang, "Whispers in the Hyper-space: High-bandwidth and Reliable Covert Channel Attacks inside the Cloud", To appear in IEEE/ACM Transactions on Networking, 2014.
Web Security
1. (Navjot Singh Chhoker) "Protecting Browsers from Extension Vulnerabilities", Adam Barth, Adrienne Porter Felt, Prateek Saxena, Aaron Boodman, NDSS Symposium 2010.