Software & Systems Security Seminar
Time and Location
Time: Fridays 11am-12pm
Location: ECSS 3.220
Instructor: Chung Hwan Kim
Schedule
| Week | Date | Topic(s) | Facilitator(s) | Paper(s) |
| 1 | 8/30 | Bluetooth Security | Sai Tharun Reddy Mulka | SoK: The Long Journey of Exploiting and Defending the Legacy of King Harald Bluetooth [S&P 2024] |
| 2 | 9/6 | Fuzzing with LLM | Zelun Kong | Fuzzing BusyBox: Leveraging LLM and Crash Reuse for Embedded Bug Unearthing [USENIX Security 2024] |
| 3 | 9/13 | Cloud Security | Mary Grace Kozuch | Fighting the Fog of War: Automated Incident Detection for Cloud Systems [USENIX ATC 2021] |
| 4 | 9/20 | GPS Spoofing | Sudharssan Mohan | SwarmFuzz: Discovering GPS Spoofing Attacks in Drone Swarms [DSN 2023] |
| 5 | 9/27 | RTOS Fuzzing | Minkyung Park | SFuzz: Slice-based Fuzzing for Real-Time Operating Systems [CCS 2022] |
| 6 | 10/4 | Drone Testing | Sudharssan Mohan | Get Your Cyber-Physical Tests Done! Data-Driven Vulnerability Assessment of Robotic Aerial Vehicle [DSN 2023] |
| 7 | 10/11 | IoT Device Fuzzing | Zelun Kong | LABRADOR: Response Guided Directed Fuzzing for Black-box IoT Devices [S&P 2024] |
| 8 | 10/18 | - | - | No meeting |
| 9 | 10/25 | Sensor Fusion | Sudharssan Mohan | Malicious Attacks against Multi-Sensor Fusion in Autonomous Driving [MobiCom 2024] |
| 10 | 11/1 | Code Analysis with LLM | Zelun Kong | Large Language Models for Code Analysis: Do LLMs Really Do Their Job? [USENIX Security 2024] |
| 11 | 11/8 | Firmware Fuzzing | Minkyung Park | Forming Faster Firmware Fuzzers [USENIX Security 2023] |
| 12 | 11/15 | TBD | Sai Tharun Reddy Mulka | Title [Conf. Year] |
| 13 | 11/22 | IoT Firmware Security | Sai Tharun Reddy Mulka | Unveiling IoT Security in Reality: A Firmware-Centric Journey [USENIX Security 2024] |
Overview
The Fall 2024 offering of the Software & Systems Security Seminar will cover a variety of security topics, with an eye toward two goals.
Increase participants' familiarity with recent and important results in the areas of software and systems security research. Attendees will read and discuss papers from recent and imminent top-tier security conferences: e.g., IEEE S&P, USENIX Security, CCS, NDSS, and security-related systems and software engineering conferences, and so on.
Be a venue for student presentations. This may be a "formal" research presentation--ideally of a student's current work--or it may be an analysis of the research papers chosen for a seminar meeting.
Participation
To participate in the seminar, please get on the seminar mailing list. Use Sympa to subscribe to s3sem.
Potential Papers
Upcoming and recent conference proceedings are good sources of papers for discussion. Below are links to some relevant conference series.
Security: IEEE S&P, USENIX Security, CCS, NDSS, EuroS&P, ACSAC, ASIACCS, RAID, ESORICS, CODASPY, Black Hat
Systems: OSDI, SOSP, USENIX ATC, EuroSys, ASPLOS, SOCC, SIGMETRICS, MobiSys, SenSys, FAST, VEE, DSN, ICDCS
Software Engineering / Compilers: PLDI, ICSE, ESEC/FSE, ASE, POPL, SPLASH/OOPSLA, ECOOP, CGO
Workshops: SecDev, BAR, VehicleSec, SpaceSec, SafeThings, CPSIoTSec, WOOT