Software & Systems Security Seminar

Time and location

• Time: Fridays 2-3pm

• Location: ECSS 4.214

• Instructor: Chung Hwan Kim

Schedule

Week	Date	Topic(s)	Facilitator(s)	Paper(s)
1	5/27	-	Chung Hwan Kim	Organizational meeting
2	6/3	Malware Classification	Kunal Mukherjee	Transcending Transcend: Revisiting Malware Classification in the Presence of Concept Drift [S&P 2022]
3	6/10	Fuzzing	Yuqun Zhang (Guest Speaker) Talk Information	One Fuzzing Strategy to Rule Them All [ICSE 2022]
4	6/17	Firmware Patching	Zelun Kong	RapidPatch: Firmware Hotpatching for Real-Time Embedded Devices [Security 2022]
5	6/24	Drone Forensics	Sudharssan Mohan	RVPLAYER: Robotic Vehicle Forensics by Replay with What-if Reasoning [NDSS 2022]
6	7/1	Causality Analysis	Kunal Mukherjee	DEPCOMM: Graph Summarization on System Audit Logs for Attack Investigation [S&P 2022]
7	7/8	ML Backdoor	Junfeng Guo	BadEncoder: Backdoor Attacks to Pre-trained Encoders in Self-Supervised Learning [S&P 2022]
8	7/15	TrustZone for CPS	Zelun Kong	RT-TEE: Real-time System Availability for Cyber-physical Systems using ARM TrustZone [S&P 2022]
9	7/22	MMIO Monitoring	Zelun Kong	M2MON: Building an MMIO-based Security Reference Monitor for Unmanned Vehicles [Security 2021]
10	7/29	Drone Fuzzing	Sudharssan Mohan	PGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles [NDSS 2022]
11	8/5	Sensor Recovery	Sudharssan Mohan	Software-based Realtime Recovery from Sensor Attacks on Robotic Vehicles [RAID 2020]
12	8/12	ML Backdoor Detection	Junfeng Guo	Piccolo: Exposing Complex Backdoors in NLP Transformer Models [S&P 2022]
13	8/19	ML Trojan	Kunal Mukherjee	Detecting AI Trojans Using Meta Neural Analysis [S&P 2021]

Overview

The Summer 2022 offering of the Software & Systems Security Seminar will cover a variety of security topics, with an eye toward two goals.

• Increase participants' familiarity with recent and important results in the areas of software and systems security research. Attendees will read and discuss papers from recent and imminent top-tier security conferences: e.g., IEEE S&P, USENIX Security, CCS, NDSS, and security-related systems and software engineering conferences, and so on. Attendees will typically discuss one paper each week. Papers will be selected for their relevance to participants' research or upcoming UTD visitors.

• Be a venue for student presentations. Every student participating in the seminar will be required to lead at least one meeting during the semester. This may be a "formal" research presentation--ideally of a student's current work--or it may be an analysis of the research papers chosen for a seminar meeting.

Participation

To participate in the seminar, please get on the seminar mailing list. Use Sympa to subscribe to s3sem.

Potential Papers

Upcoming and recent conference proceedings are good sources of papers for discussion. Below are links to some relevant conference series.

• Security: IEEE S&P, USENIX Security, CCS, NDSS, EuroS&P, ACSAC, ASIACCS, RAID, ESORICS, CODASPY, HotSec, WOOT, SecDev, Black Hat

• Systems: OSDI, SOSP, USENIX ATC, EuroSys, ASPLOS, SOCC, SIGMETRICS, SenSys, FAST, VEE, DSN, ICDCS

• Software Engineering / Compilers: PLDI, ICSE, ESEC/FSE, ASE, POPL, SPLASH/OOPSLA, ECOOP, CGO

• Computer Architecture: ISCA, MICRO

Past Seminars

• Spring 2021