Computer and Systems Security

CS 205 - Spring 2023

Overview Schedule/Readings Attack/Tool Presentations Course Project

Readings

Paper Response Guidelines

Write a ~400 word critical response and comments to each required paper. Focus on the following:

State the problem that they try to solve and the main contributions.
Describe the key insight or novelty of their proposed work or approach.
What are the weakness/limitations of the paper? Write the criticisms.
Any improvements or related ideas that you can suggest?

Your most important task is to demonstrate that you've read the paper and thought carefully about the topic. No copy and paste of the original paper text!

Paper responses are due before the start of class via Canvas Assignments.

Discussion Lead and Bonus

Please take a look at the papers in each session. If you are interested in leading the discussion of any session, you should sign up on the sign-up sheet in Canvas and get a bonus for waiving 4 paper summaries.
As a discussion lead, two tasks are expected: 1) You will provide a 20-min presentation of the paper that will be discussed in class with slides. 2) You should prepare yourself by reading the technical details carefully and coming up with a list of discussion points. The discussion points should be designed to engage students in critical and creative thinking. Think about the points ahead of time and be prepared to answer questions other students may throw at you.
Send ahead of time your discussion points to me on Canvas and get feedback from me. Please allow 2 days to receive the feedback. This will be a good opportunity for you to learn to discuss ideas around a research topic and it generally helps your presentation/communication skills.

Reading List

Most papers should be publicly accessible. If any links are broken, please search for them. If any of them require paid subscription, you can access them for free when connecting on campus. For off-campus access, try UCI VPN.

Week 1

Tuesday, April 4

Introduction.

Thursday, April 6 - Security Mindset

The Security Mindset, Bruce Schneier. 2008. -- No summary required; Just read this and come to class

Week 2

Tuesday, April 11 - Software Security I

Smashing the Stack for Fun and Profit. Aleph One. Phrack 49(14), Nov. 1996. -- No summary required; Just read this and come to class

Thursday, April 13 - Software Security II

StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. Cowan, Pu, Maier, Hinton, Walpole, Bakke, Beattie, Grier, Wagle, and Zhang. Usenix Security 1998.

On the Effectiveness of Address-Space Randomization. Shacham, Page, Pfaff, Goh, Modadugu, and Boneh. CCS 2004.
A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities, Wagner, Foster, Brewer, and Aiken. NDSS 2000

Week 3

Tuesday, April 18 - Software Security III
- Form your project group by today!

The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86). Hovav Shacham. CCS 2007.

Control Flow Integrity for COTS Binaries. Zhang and Sekar. Usenix Security 2013.
N-Variant Systems: A Secretless Framework for Security through Diversity, Cox, Evans, Filipi, Rowanhill, Hu, Davidson, Knight, Nguyen-Tuong, Hiser. USENIX Security 2006
Modular Control-Flow Integrity. Niu and Tan. PLDI 2014.

Thursday, April 20 - Malware I

Understanding Linux Malware. Cozzi, Graziano, Fratantonio, Balzarotti. IEEE S&P 2018.

Reflections on Trusting Trust. Ken Thompson. Communications of the ACM, 27(8), Aug. 1984.
From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel. Xu, Li, Shu, and Yang. CCS 2015.

Week 4

Tuesday, April 25 – Malware II

A Hardware-Software Co-design for Efficient Intra-Enclave Isolation. Gu, Zhu, Li, Li, Xia, and Chen. Usenix Security 2022.

SchrodinText: Strong Protection of Sensitive Textual Content of Mobile Applications. Ardalan Amiri Sani. Mobisys 2017.
ret2dir: Rethinking Kernel Isolation. Kemerlis, Polychronakis, Keromytis. USENIX Security 2014.
ProtectIOn: Root-of-Trust for IO in Compromised Platforms. Dhar, Ulqinaku, Kostiainen, and Capkun. NDSS 2020.

Thursday, April 27 - Smartphone Systems Security

Peeking into Your App without Actually Seeing It: UI State Inference and Novel Android Attacks. Chen, Qian, and Mao. Usenix Security 2014.

What the App is That? Deception and Countermeasures in the Android User Interface. Bianchi, Corbetta, Invernizzi, Fratantonio, Kruegel, and Vigna. IEEE S&P 2015.
Cloak and Dagger: From Two Permissions to Complete Control of the UI Feedback Loop. Fratantonio, Qian, Chung, and Lee. IEEE S&P 2017.

Week 5

Tuesday, May 2 - Pre-Proposal Presentation

No readings!

Thursday, May 4 - IoT/CPS Systems Security I

The Circle Of Life: A Large-Scale Study of The IoT Malware Lifecycle. Alrawi, Lever, Valakuzhy, Court, Snow, Monrose, and Antonakakis. Usenix Security 2021.

ContexIoT: Towards Providing Contextual Integrity to Appified IoT Platforms. Jia, Chen, Wang, Rahmati, Fernandes, Mao, and Prakash. NDSS 2017.
Security Analysis of Emerging Smart Home Applications. Fernandes, Jung, and Prakash. IEEE S&P 2016.
SoK: Security Evaluation of Home-Based IoT Deployments. Alrawi, Lever, Antonakakis, and Monrose. IEEE S&P 2019.

Week 6

Tuesday, May 9 - IoT/CPS Systems Security II
- Written proposal due!

An Experimental Security Analysis of an Industrial Robot Controller. Quarta, Pogliani, Polino, Maggi, Zanchettin, and Zanero. IEEE S&P 2017.

Plug-N-Pwned: Comprehensive Vulnerability Analysis of OBD-II Dongles as A New Over-the-Air Attack Surface in Automotive IoT. Wen, Chen, and Lin. Usenix Security 2020.
Comprehensive Experimental Analyses of Automotive Attack Surfaces. Checkoway, McCoy, Kantor, Anderson, Shacham, Savage, Koscher, Czeskis, Roesner, and Kohno. Usenix Security 2011.
Experimental Security Analysis of a Modern Automobile. Koscher, Czeskis, Roesner, Patel, Kohno, Checkoway, McCoy, Kantor, Anderson, Shacham, and Savage. IEEE S&P 2010.
Remote Exploitation of an Unaltered Passenger Vehicle. Miller and Valasek. DEF CON 23, Aug. 2015.

Thursday, May 11 – Android Application Security: Guest Lecture, Prof. Joshua Garcia (Informatics)

No readings!

A Taxonomy and Qualitative Comparison of Program Analysis Techniques for Security Assessment of Android Software. Sadhegi, Bagheri, Garcia, and Malek. IEEE TSE 2016.
Automatic Generation of Inter-Component Communication Exploits for Android Applications. Garcia, Hammad, Ghorbani, and Malek. ESEC/FSE 2017.
Lightweight, Obfuscation-Resilient Detection and Family Identification of Android Malware. Garcia, Hammad, and Malek. ACM TOSEM 2018.
SALMA: Self-Protection of Android Systems from Inter-Component Communication Attacks. Hammad, Garcia, and Sam Malek. IEEE/ACM ASE 2018.
Too Quiet in the Library: An Empirical Study of Security Updates in Android Apps’ Native Code. Almanee, Unal, Payer, and Garcia. ICSE 2021.

Week 7

Tuesday, May 16 – IoT/CPS Systems Security III

RT-TEE: Real-time System Availability for Cyber-physical Systems using ARM TrustZone. Wang, Li, Li, Lu, and Zhang. IEEE S&P 2022.

Exposing Congestion Attack on Emerging Connected Vehicle based Traffic Signal Control. Chen, Yin, Feng, Mao, and Liu. NDSS 2018.
Green Lights Forever: Analyzing the Security of Traffic Infrastructure. Ghena, Beyer, Hillaker, Pevarnek, and Halderman. Usenix WOOT 2014.

Thursday, May 18 – Machine Learning Security I

Adversarial Examples Are Not Bugs, They Are Features. Ilyas, Santurkar, Tsipras, Engstrom, Tran, and Madry. NeurIPS 2019.

On Adaptive Attacks to Adversarial Example Defenses. Tramer, Carlini, Brendel, and Madry. NeurIPS 2020.
Fooling Detection Alone is Not Enough: Adversarial Attack against Multiple Object Tracking. Jia, Lu, Shen, Chen, Chen, Zhong, and Wei. ICLR 2020.
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples. Athalye, Carlini, and Wagner. ICML 2018.
Towards Evaluating the Robustness of Neural Networks. Carlini, and Wagner. IEEE S&P 2017.

Week 8

Tuesday, May 23 – Machine Learning Security II

That Person Moves Like A Car: Misclassification Attack Detection for Autonomous Systems Using Spatiotemporal Consistency. Man, Muller, Li, Celik, and Gerdes. Usenix Security 2023.

Towards Robust LiDAR-based Perception in Autonomous Driving: General Black-box Adversarial Sensor Attack and Countermeasures. Sun, Cao, Chen, and Mao. Usenix Security 2020.
Distillation as a Defense to Adversarial Perturbations against Deep Neural Networks. Papernot, McDaniel, Wu, Jha and Swami. IEEE S&P 2016.

Thursday, May 25 – Machine Learning Security III

Blacklight: Scalable Defense for Neural Networks against Query-Based Black-Box Attacks. Li, Shan, Wenger, Zhang, Zheng and Zhao. Usenix Security 2022.

Neural Cleanse: Identifying and Mitigating Backdoor Attacks in Neural Networks. Wang, Yao, Shan, Li, Viswanath, Zheng, and Zhao. IEEE S&P 2019.
Certified Robustness to Adversarial Examples with Differential Privacy. Lecuyer, Atlidakis, Geambasu, Hsu, and Jana. IEEE S&P 2019.
Formal Security Analysis of Neural Networks using Symbolic Intervals. Wang, Pei, Whitehouse, Yang, and Jana. Usenix Security 2018.

Week 9

Tuesday, May 30 - Sensor/Analog Security

Un-Rocking Drones: Foundations of Acoustic Injection Attacks and Recovery Thereof. Jeong, Kim, Jang, Noh, Song, and Kim. NDSS 2023.

Adversarial Sensor Attack on LiDAR-based Perception in Autonomous Driving. Cao, Xiao, Cyr, Zhou, Park, Rampazzi, Chen, Fu, and Mao. CCS 2019.

DolphinAttack: Inaudible Voice Commands

Illusion and Dazzle: Adversarial Optical Channel Exploits against Lidars for Automotive Applications. Shin, Kim, Kwon, and Kim. CHES 2017.
Injected and Delivered: Fabricating Implicit Control over Actuation Systems by Spoofing Inertial Sensors. Tu, Lin, Li, and Hei. Usenix Security 2018.

Thursday, June 1 – Physical Security

An Introduction to Lock Picking: How to Pick Pin Tumbler Locks -- No summary required; Just read this and come to class

Reconsidering Physical Key Secrecy: Teleduplication via Optical Decoding. Laxton, Wang, and Savage. CCS, 2008.
Cryptology and Physical Security: Rights Amplification in Master-Keyed Mechanical Locks. Matt Blaze. IEEE Security and Privacy, 2003.
Security Analysis of a Widely Deployed Locking System. Weiner, Massar, Tews, Giese, and Wieser. CCS 2013.

Week 10

Tuesday, June 6 – Project Presentation

No readings!

Thursday, June 8 – Project Presentation

No readings!

Week 11

Friday, June 16 – Project Report Due!