CSCI 680: Systems Security, Fall 2018

General Information


Prerequisites

Students are expected to have a good understanding of computer organization basics, operating systems principals and programming.


Course Materials

Lecture slides will be posted on Piazza. Links to research papers used in this course will be posted on course’s website.

Recommended books:

Other useful books:


Course Description

This course focuses on recent advances in computer systems security, including both attacks and countermeasures. An emphasis will be placed on attacks that exploit hardware vulnerabilities and hardware and software protections from these attacks. Specific topics include memory corruption attacks, control flow attacks, return-oriented programming attacks and their variations, side—channel attacks, speculative execution attacks (Meltdown & Spectre), trusted computing systems and secure architectures, malware detection techniques, and operating system security. The course will also overview recent industry developments such as Intel’s SGX and ARM’s TrustZone. Students are expected to read recent research papers in the area, present them in class and participate in discussions. Students are also expected to complete a semester-long research project and take a take-home midterm and a final exam.


Grade Distribution


General Information


Paper Critiques and Homeworks

Instructions for paper critiques:

All students are required to submit a detailed critique for one paper presented in class. Typically there will be two students presenting. The student who presents a paper in-class is not allowed to submit the critique for that particular paper. However, s/he still needs to submit a critique. Critiques must be submitted before the beginning of class in which the paper is discussed.

Submission Format:

Each critique should not exceed one-page and must consist of four sections:

  1. Paper summary (2-3 lines)
  2. Strengths (2-3 lines), what you liked about the paper
  3. Weaknesses (2-3 lines), what you did not like
  4. Detailed comments (rest of the page) explaining your points

Homeworks

There will be several homeworks covering practical aspects of the material introduced in class. Student will be asked to implement attacks, apply protections, etc.

Students are encouraged to discuss papers and homework problems with other students, but must write their own critiques and homework solutions.


In-Class Presentations

Each student will present one or two papers throughout the semester. If you plan to audit the course, you are required to present at least one paper. When you present a paper, be prepared to answer a variety of questions asked by the instructor and fellow students. The goal is to make class lively. A list of papers will be provided to students. Students will be allowed to choose papers from the list or suggest other papers. Suggested papers need to be approved by the instructor.

During each student presentation, each student (except the presenter) needs to fill the student feedback form. You will be provided with a copy of the form.

Please, share your presentation slides with your fellow students on Piazza after your presentation.


Semester-Long Research Project

Registered students are expected to perform a semester-long research project. If you audit the class, the project is optional. All projects need to be approved by the instructor. Please contact the instructor early to brainstorm potential project ideas. Projects are expected to demonstrate novelty. A limited list of topics will be announced by the instructor. However, students are encouraged to choose a topic of their interest. The topic needs to overlap with a broader definition of systems security. Remember, the key to successful project is making steady progress and starting early, not trying to finish your project the night before the deadline.

You can form teams of two students to work on the project. If you choose to do that, explain in your final report what part of the project was done by each student. Multiple students can work on same topic independently.

Project Timeline

Phase 1 – Project determination:

Please send an email to the instructor before the deadline containing:

  1. Project Name (think of this as your paper/report title)
  2. Problem Statement
  3. Expected Steps (setting up infrastructure, implementation, performing experiment, data analyses, etc.)
  4. Expected/possible outcome and contribution

Phase 2 – Project discussion with instructor

Please meet the instructor during office hours to discuss the status of your project. Explain any observed obstacles, plans, further expectations. Your project’s proposal can be adjusted at this phase.

Phase 3 – Milestone presentation

You are expected to present your progress to the instructor in the middle of semester. Prepare a short (10-15 minutes presentation). The presentation should include:

  1. Short introduction (background, problem statement, etc.)
  2. Explain what you are working on currently and your results so far
  3. Your next steps
  4. Expected results

Phase 4 – Final Project Presentation

You are expected to present your results to instructor at the end of semester. Minimize background and problem statement in your presentation and focus on results and conclusions. The presentation is expected to take 10-15 minutes.

Phase 5 – Final report

Please submit your final report via email your final project report in PDF format. Please use the ACM sigconf format. The PDF should have following sections:

  1. Problem Statement
  2. Introduction (with problem statement)
  3. Threat model (clearly explain all your assumptions)
  4. Background and Related Work
  5. Implementation Details
  6. If you are proposing some security solution, include a security analyses section
  7. Results
  8. Conclusions

If you need any help with the project or have any questions, contact the instructor during office hours. If you require access to computational resources or any specific hardware, talk to the instructor.


Examinations

Students will be asked to take a take home Midterm and Final exam. Midterm will cover lectures until the exam. Final exam will be comprehensive and will cover all material until the end of the semester including papers presented in class.


Semester Schedule

Tentative schedule. Please watch for updates!

Week Date Topic Reading
1 Thu, Aug 30, 18 Introduction to the Course Recommended: How to read a research paper by Mitzenmacher; How to read a paper by Keshav
2 Tue, Sep 4, 18 Security fundamentals, trust and trustworthiness, threat models, multi-level attacks Required: Reflections on trusting trust by Ken Thomson
  Thu, Sep 6, 18 Multi-level attacks II  
3 Tue, Sep 11, 18 CANCELLED due to Hurricane  
  Thu, Sep 13, 18 CANCELLED due to Hurricane  
4 Tue, Sep 18, 18 Access Control, Authentication, Passwords, Permissions Recommended: Computer Security book: I.1 - I.3
  Thu, Sep 20, 18 Memory Organization, Stack, ABI Recommended: Computer Security book Chapter I.4.1 - I.4.2; References: Virtual memory reference, X86 Calling Convention
5 Tue, Sep 25, 18 Buffer Overflow Attacks and Protections Required: On the Effectiveness of Address-Space Randomization by Shacham, Recommended: SoK: Eternal War in Memory by Szekeres, Smashing the Stack for Fun and Profit, Computer Security book: I.4
  Thu, Sep 27, 18 Code Reuse Attacks and Protections Required: The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)
6 Tue, Oct 2, 18 Integer Overflow and Format String Attacks, Protections Recommended: Integer Overflow, Exploiting Format String Vulnerabilities; Computer Security book: I.6, Security in Computing: Chapter 3.1 “Integer Overflow”
  Thu, Oct 4, 18 Cryptography Overview I  
7 Tue, Oct 9, 18 Cryptography Overview II  
  Thu, Oct 11, 18 Side and Covert Channel Attacks I Required: Cache Missing for Fun and Profit by Colin Percival
8 Tue, Oct 16, 18 Fall Break  
  Thu, Oct 18, 18 Side and Covert Channel Attacks II Required: Jump Over ASLR
9 Tue, Oct 23, 18 Side and Covert Channel Attacks III, Speculative Execution Attacks I Required: Meltdown, Spectre
  Thu, Oct 25, 18 Speculative Execution Attacks II Required: Meltdown, Spectre
10 Tue, Oct 30, 18 DRAM Attacks Required: Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors
  Thu, Nov 1, 18 Trusted computing, Isolation and confinement I Required: Native Client: A Sandbox for Portable, Untrusted x86 Native Code
11 Tue, Nov 6, 18 Isolation and confinement II Required: Innovative Technology for CPU Based Attestation and Sealing
  RESCHEDULED Mon, Nov 12 5:30PM, McGlth 002 Fault injection attacks Recommended: Fault attacks on RSA’s signatures
12 Tue, Nov 13, 18 Paper Presentation (by Robert, Andrew) FPGA-Based Remote Power Side-Channel Attacks, No Training Hurdles: Fast Training-Agnostic Attacks to Infer Your Typing
  Thu, Nov 15, 18 Paper Presentation (by Jacob, Qihan) Rendered Insecure: GPU Side Channel Attacks are Practical, Practical Memory Safety with REST
13 Tue, Nov 20, 18 Paper Presentation (by Brian, Adaeze) A Bad Dream: Subverting Trusted Platform Module While You Are Sleeping, SoK: Keylogging Side Channels
  Thu, Nov 22, 18 Thanksgiving Break  
14 Tue, Nov 27, 18 Paper Presentation (by Amit, Ken) Shielding Software From Privileged Side-Channel Attacks, DATA – Differential Address Trace Analysis: Finding Address-based Side-Channels in Binaries
  Thu, Nov 29, 18 Paper Presentation (by Kaushal, Nathan) JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks, Translation Leak-aside Buffer: Defeating Cache Side-channel Protections with TLB Attacks
15 Tue, Dec 4, 18 Paper Presentation (by Russell) NetSpectre: Read Arbitrary Memory over Network
  Thu, Dec 6, 18 Final Review  
Finals Mon, Dec 10 Time: 2:00pm – 5:00pm, regular room  

Helpful Services

Students wanting to improve their academic writing or teaching/presenting skills should consider taking GRAD 520: ACADEMIC WRITING and GRAD 550: COLLEGE TEACHING. The courses are offered through the Reves Center and are aimed at non-native English speakers, specifically. If interested please contact Glosson, Sarah G at sgglos@wm.edu.

The Writing Resources Center (WRC) can help when students have questions about how to construct an argument, deliver a presentation, use and cite sources, and more. Please visit the WRC website to request a class visit, tour, or brochures. The Writing Resources Center, located on the first floor of Swem Library, is a free service provided to W&M students. Trained consultants offer individual assistance with writing, presentation, and other communication assignments across disciplines and at any stage, from generating ideas to polishing a final product.


Academic Accommodations

It is the policy of The College of William and Mary to accommodate students with disabilities and qualifying diagnosed conditions in accordance with federal and state laws. Any student who feels s/he may need an accommodation based on the impact of a learning, psychiatric, physical, or chronic health diagnosis should contact Student Accessibility Services staff at 757-221-2509 or at sas@wm.edu to determine if accommodations are warranted and to obtain an official letter of accommodation. For more information, please click here.


Honor Code

Students are required to follow the Honor System of the College of William and Mary.