University of Minnesota
Program Analysis for Security

Overview

Description: Software vulnerabilities and malicious software (malware) are some of the biggest challenges in computer security, but the scope of these challenges is so large that developers and analysts have a hard time keeping up. New vulnerabilities are discovered every day even in software that has been extensively audited and tested, and new malware variants are produced faster than humans can analyze them. To deal with these security challenges more reliably and efficiently, we need automated program analysis technologies that can discover vulnerabilities or check their absence, transform programs to improve their security, or infer policies or models of security-relevant behavior from benign or malicious software. Though important, security analysis can be challenging because of the adversarial nature of threats, and because of limited information: for instance, vulnerable commercial software or malware will usually not come with source code.

This advanced research seminar will introduce a number of security problems to which we can apply program analysis, and some of the analysis techniques that are particularly suited to security tasks. A recurring theme will be analysis of software at the instruction (or binary) level rather than with source code. Some specific topics include:

  • Symbolic execution
  • Dynamic taint analysis
  • Static information flow
  • Quantitative information flow
  • Test generation for security
  • Binary hardening and CFI
  • SFI and Native Client
  • Policy inference
  • Side-channel attacks and defenses
  • Verification
  • Model extraction
  • Reverse engineering

The course is intended to be suitable for students whose primary interest is either program analysis techniques (as also used in programming languages or compilers) or security applications, and does not assume previous knowledge of any of the topics listed above. Students with background in one of the two areas should be prepared to do some background reading in the other.

Course Format: Research seminar with final project. Students will read (primarily recent) research papers in the subject areas listed, and provide written answers to short comprehension and discussion questions in advance of in-class discussion. Class sessions will be primarily discussion, intermixed with lecture presentations by the instructor and paper presentations by students (one each). There will also be some programming assignments to give students practical experience with analysis tools. There will be no exams, but students will complete a substantial final project in groups of up to three. The project should address a novel research question in the area of security via program analysis and/or using the analysis techniques covered in class. Groups will propose a project early in the semester, and submit periodic progress reports. Near the end of the semester, groups will submit final reports in the format of a research paper, and give an in-class presentation.

Schedule: Mondays and Wednesdays, 2:30-3:45pm, Keller Hall 2-260

Prerequisites: CSci 5161 (Intro. to Compilers) or CSci 5271 (Intro. to Computer Security), or consent of the instructor.