CSci680 - Systems Security

CSCI 680: Systems Security, Fall 2017

General Information

Prerequisites

Students are expected to have a good understanding of the basic computer organization and design.

Course Materials

Most of the material will be based on the research papers. You might find useful following books:

Course Description

This course focuses on recent advances in computer systems security, including both attacks and countermeasures. An emphasis will be placed on attacks that exploit hardware vulnerabilities and hardware and software protections from these attacks. Specific topics include memory corruption attacks, control flow attacks, return-oriented programming attacks and their variations, side—channel attacks, covert channels, trusted computing systems and secure architectures, malware detection techniques, oblivious memory, and operating system security. The course will also overview recent industry developments, including Intel’s SGX, MPX and CET, ARM’s TrustZone and AMD’s SME and SEV technologies. Students are expected to read recent research papers in the area, present them in class and participate in discussions. Students are also expected to complete a semester-long research project and take a final exam.

Grade Distribution

General Information

Paper Critiques and Homeworks

Student presentation order:

List of papers to be presented

Paper ID Title Student name
[P1] InvisiMem: Smart Memory Defenses for Memory Bus Side Channel Lishan Yang
[P2] ObfusMem: A Low-Overhead Access Obfuscation for Trusted Memories Gurunath Kadam
[P3] EDDIE: EM-Based Detection of Deviations in Program Execution George Simmons
[P4] Quantifying and Improving the Efficiency of Hardware-based Mobile Malware Detectors Jialiang Tan
[P5] Reverse Engineering x86 Processor Microcode Bolun Li
[P6] Prime+Abort: A Timer-Free High-Precision L3 Cache Attack using Intel TSX Pengfei Su
[P7] CAn’t Touch This: Software-only Mitigation against Rowhammer Attacks targeting Kernel Memory Lishan Yang
[P8] Strong and Efficient Cache Side-Channel Protection using Hardware Transactional Memory Pengfei Su
[P9] PyTrigger: A System to Trigger & Extract User-Activated Malware Behavior Tao Zhang
[P10] 6thSense: A Context-aware Sensor-based Attack Detector for Smart Devices Bolun Li
[P11] Telling Your Secrets without Page Faults: Stealthy Page Table-Based Attacks on Enclaved Execution Hongyuan Liu
[P12] USB Snooping Made Easy: Crosstalk Leakage Attacks on USB Hubs Tao Zhang
[P13] Another Flip in the Wall of Rowhammer Defenses Hongyuan Liu
[P14] CLKSCREW: Exposing the Perils of Security-Oblivious Energy Management Jialiang Tan
[P15] Malware Guard Extension: Using SGX to Conceal Cache Attacks Gurunath Kadam

Instructions for paper critiques:

All students are required to submit a detailed critique for one of the two papers presented in class. The student who presents the paper in-class is not allowed to submit the critique for that particular paper. However, s/he still needs to submit a critique. Deadline for critique submission is one week after we discuss the paper in class.

Submission Format:

Each critique should not exceed one-page and must consists of four sections:

  1. Paper summary (2-3 lines)
  2. Strengths (2-3 lines), what you liked about the paper
  3. Weaknesses (2-3 lines), what you did not like
  4. Detailed comments (rest of the page) explaining your points

You are encouraged to discuss the papers and homeworks with each other but should write critiques on your own.

In-Class Presentations

Each student will present two papers throughout the semester. If you plan to audit the course, you are required to present at least one paper. When you present a paper, be prepared to answer a variety of questions asked by the instructor or other fellow students. The goal is to make class lively. A list of papers will be provided to students. They can choose from that list or come up with their own suggestions. Suggestions would need approval from the instructor.

During each student presentation, each student (except the presenter) needs to fill the student feedback form. You will be provided with a copy of the form.

Please, share your presentation slides with your fellow students on Piazza after your presentation.

Semester-Long Research Project

Registered students are expected to perform a semester-long research project. If you audit the class you can choose to perform a project. All projects need to be approved by the instructor. Please contact the instructor early to brainstorm potential project ideas. Students are expected to demonstrate some scientific novelty. Suggested topics will be announced by the instructor. However, students are allowed to choose a topic of their interest if (topic needs to overlap with a broader definition of systems security).

You can form teams of two students to work on a project. If you choose to do that, explain in your final report what part of the project were done by each student. Multiple students can work on a same topic independently.

Project Timeline

Phase 1 – Project determination:

Please send an email to the instructor by the deadline (Sep 26) containing:

  1. Project Name (think of this as your paper/report title)
  2. Problem Statement
  3. Expected Steps (setting up infrastructure, implementation, performing experiment, data analyses, etc.)
  4. Expected/possible outcome and contribution

Phase 2 – Project discussion with instructor

Please meet the instructor during office hours to discuss the status of your project. Explain any observed obstacles, plans, further expectations. Your project’s proposal can be adjusted at this phase.

Phase 3 – Milestone presentation

You are expected to present your progress in class in the middle of semester. Prepare a short (10-15 minutes presentation). The presentation should include:

  1. Short introduction (background, problem statement, etc.)
  2. Explain what you are working on currently and your results so far
  3. Your next steps
  4. Expected results

Phase 4 – Final Project Presentation

You are expected to present your results in class at the end of semester. Minimize background and problem statement in your presentation and focus on results and conclusions. The presentation is expected to take 10-15 minutes followed by a discussion.

Phase 5 – Final report

Please submit your final report via email your final project report in PDF format. Please use the ACM sigconf format. The PDF should have following sections:

  1. Problem Statement
  2. Introduction (with problem statement)
  3. Threat model (clearly explain all your assumptions)
  4. Background and Related Work
  5. Implementation Details
  6. If you are proposing some security solution, also include a security analyses section
  7. Results
  8. Conclusions

If you need any help with the project or have any questions contact the instructor during office hours. If you require access to computational resources or any hardware, talk to the instructor.

Semester Schedule (Watch for updates)

Week Date Topic Reading Notes
1 Thu, Aug 31, 17 Introduction to the Course Recommended: How to read a research paper by Mitzenmacher; How to read a paper by Keshav  
2 Tue, Sep 5, 17 Security fundamentals, trust and trustworthiness, multi-level attacks Recommended: Reflections on trusting trust by Ken Thomson; Thirty Years Later: Lessons from the Multics Security Evaluation by Karger  
  Thu, Sep 7, 17 Software attacks overview, defenses Recommended: Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade by Cowan; SoK: Eternal War in Memory by Szekeres  
3 Tue, Sep 12, 17 More software attacks and Cryptography overview Read: https://goo.gl/VDZSeY Watch: https://youtu.be/YEBfamv-_do Recommended: The Matter of Heartbleed https://goo.gl/i1LNAK  
  Thu, Sep 14, 17 Code reuse attacks and defenses On the Effectiveness of Address-Space Randomization by Shacham https://goo.gl/1GTFif  
4 Tue, Sep 19, 17 Timing, side and covert channel attacks I Cache Missing for Fun and Profit by Colin Percival: https://goo.gl/21Qnyt  
  Thu, Sep 21, 17 Timing, side and covert channel attacks II, DRAM attacks I Lest We Remember: Cold-Boot Attacks on Encryption Keys by Halderman: https://goo.gl/WBBxPU  
5 Tue, Sep 26, 17 DRAM attacks II    
  Thu, Sep 28, 17 Physically unclonable functions Physical Unclonable Functions for Device Authentication and Secret Key Generation by Suh https://goo.gl/MWkUns  
6 Tue, Oct 3, 17 Trusted computing, Isolation and confinement I Native Client: A Sandbox for Portable, Untrusted x86 Native Code by Yee https://goo.gl/2SCGyj  
  Thu, Oct 5, 17 Isolation and confinement II Innovative Instructions and Software Model for Isolated Execution by McKeen https://goo.gl/pyVZTB  
7 Tue, Oct 10, 17 Fault injection attacks Recommended: A Survey of Hardware Trojan Taxonomy and Detection by Tehranipoor https://goo.gl/cAvN6T  
  Thu, Oct 12, 17 Hardware trojans, malware overview    
8 Tue, Oct 17, 17 Fall break    
  Thu, Oct 19, 17 Paper presentation [S1:P4], [S2:P2]    
9 Tue, Oct 24, 17 Paper presentation [S3:P1], [S4:P5]    
  Thu, Oct 26, 17 Paper presentation [S5:P9], [S6:P11]    
10 Tue, Oct 31, 17 Canceled (Traveling to CCS) Watch https://youtu.be/PLJJY5UFtqY  
  Thu, Nov 2, 17 Canceled (Traveling to CCS) Watch https://youtu.be/lR0nh-TdpVg  
11 Tue, Nov 7, 17 Project milestone presentations [S1/S4,S2,S3]    
  Thu, Nov 9, 17 Project milestone presentations [S4,S5,S6]    
12 Tue, Nov 14, 17 Paper presentation [S7:P6]    
  Thu, Nov 16, 17 Paper presentation [S1:P14], [S2:P15]    
13 Tue, Nov 21, 17 Paper presentation [S3:P7], [S4:P10]    
  Thu, Nov 23, 17 Thanksgiving Break    
14 Tue, Nov 28, 17 Paper presentation [S5:P12], [S6:P13]    
  Thu, Nov 30, 17 Paper presentation [S7:P8; P3]    
15 Tue, Dec 5, 17 Project presentations, final overview    
  Thu, Dec 7, 17 Project presentations, final overview    
Finals Wed, Dec 13, 17 Will include questions from lectures and presented papers   2:00pm – 5:00pm

Helpful Services

Students wanting to improve their academic writing or teaching/presenting skills should consider taking GRAD 520: ACADEMIC WRITING and GRAD 550: COLLEGE TEACHING. The courses are offered through the Reves Center and are aimed at non-native English speakers, specifically. If interested please contact Glosson, Sarah G at sgglos@wm.edu.

The Writing Resources Center (WRC) can help when students have questions about how to construct an argument, deliver a presentation, use and cite sources, and more. Please visit the WRC website to request a class visit, tour, or brochures. The Writing Resources Center, located on the first floor of Swem Library, is a free service provided to W&M students. Trained consultants offer individual assistance with writing, presentation, and other communication assignments across disciplines and at any stage, from generating ideas to polishing a final product.

Academic Accommodations

It is the policy of The College of William and Mary to accommodate students with disabilities and qualifying diagnosed conditions in accordance with federal and state laws. Any student who feels s/he may need an accommodation based on the impact of a learning, psychiatric, physical, or chronic health diagnosis should contact Student Accessibility Services staff at 757-221-2509 or at sas@wm.edu to determine if accommodations are warranted and to obtain an official letter of accommodation. For more information, please click here.

Honor Code

Students are required to follow the Honor System of the College of William and Mary.