Software & Systems Security Seminar¶
Time and location¶
Time: Fridays 09:30-10:30am
Location: ECSS 4.214
Instructor: Chung Hwan Kim
Schedule¶
| Week | Date | Topic(s) | Facilitator(s) | Paper(s) |
| 1 | 5/26 | ML-based Security | Chun Hin Cheng | Dos and Don'ts of Machine Learning in Computer Security [Security 2022] |
| 2 | 6/2 | Trusted Computing for Bare-metal Embedded Systems | Chun Hin Cheng | PISTIS: Trusted Computing Architecture for Low-end Embedded Systems [Security 2022] |
| 3 | 6/9 | Data Race Attacks on Intel SGX | Chun Hin Cheng | Controlled Data Races in Enclaves: Attacks and Detection [Security 2023] |
| 4 | 6/16 | Robot Operating System | Zelun Kong | On the (In)Security of Secure ROS2 [CCS 2022] |
| 5 | 6/23 | Autonomous Driving Security | Chun Hin Cheng | Doppelganger Test Generation for Revealing Bugs in Autonomous Driving Software [ICSE 2023] |
| 6 | 6/30 | Attack Causality Analysis | Chun Hin Cheng | DISTDET: A Cost-Effective Distributed Cyber Threat Detection System [Security 2023] |
| 7 | 7/7 | Control Flow Integrity for Real-time Embedded Systems | Sudharssan Mohan | Holistic Control-Flow Protection on Real-Time Embedded Systems with Kage [Security 2022] |
| 8 | 7/14 | Memory Isolation for Bare-metal Embedded Systems | Chun Hin Cheng | OPEC: Operation-based Security Isolation for Bare-metal Embedded Systems [EuroSys 2022] |
| 9 | 7/21 | Fuzzing for RTOS | Zelun Kong | SFuzz: Slice-based Fuzzing for Real-Time Operating Systems [CCS 2022] |
| 10 | 7/28 | Patch Verification for Drone Controller Software | Sudharssan Mohan | PatchVerif: Discovering Faulty Patches in Robotic Vehicles [Security 2023] |
| 11 | 8/4 | Domain-specific Language for Drone Controller Patching | Chun Hin Cheng | Reverse Engineering and Retrofitting Robotic Aerial Vehicle Control Firmware using Dispatch [MobiSys 2022] |
| 12 | 8/11 | Reverse Engineering Python Malware | Sudharssan Mohan | PYFET: Forensically Equivalent Transformation for Python Binary Decompilation [S&P 2023] |
Overview¶
The Summer 2023 offering of the Software & Systems Security Seminar will cover a variety of security topics, with an eye toward two goals.
Increase participants' familiarity with recent and important results in the areas of software and systems security research. Attendees will read and discuss papers from recent and imminent top-tier security conferences: e.g., IEEE S&P, USENIX Security, CCS, NDSS, and security-related systems and software engineering conferences, and so on.
Be a venue for student presentations. This may be a "formal" research presentation--ideally of a student's current work--or it may be an analysis of the research papers chosen for a seminar meeting.
Participation¶
To participate in the seminar, please get on the seminar mailing list. Use Sympa to subscribe to s3sem.
Potential Papers¶
Upcoming and recent conference proceedings are good sources of papers for discussion. Below are links to some relevant conference series.
Security: IEEE S&P, USENIX Security, CCS, NDSS, EuroS&P, ACSAC, ASIACCS, RAID, ESORICS, CODASPY, HotSec, WOOT, SecDev, Black Hat
Systems: OSDI, SOSP, USENIX ATC, EuroSys, ASPLOS, SOCC, SIGMETRICS, MobiSys, SenSys, FAST, VEE, DSN, ICDCS
Software Engineering / Compilers: PLDI, ICSE, ESEC/FSE, ASE, POPL, SPLASH/OOPSLA, ECOOP, CGO