Title: CS 6V81-002: Language-based Security
Course Registration Number: 13926
Times: MW 4:00-5:15
Location: ECSS 2.306
Instructor: Dr. Kevin Hamlen (hamlen AT utdallas)
Office Hours: ECSS 3.704, Wed 2:00-4:00
This course will introduce and survey the emerging field of "Language-based Security", in which techniques from compilers and programming language theory are leveraged to address issues in computer security. Topics include:
The aim of the course is to allow each student to develop a solid understanding of at least one of these topics, along with a more general familiarity with the range of research in the field. In-course discussion will highlight opportunities for cutting-edge research in each area. If your research involves computer security, this course will provide you with an array of powerful tools for addressing software security issues. If your research involves programming languages and compilers, this course will show you how to take techniques that you might already know and apply them in new and interesting ways.
The course is open to Ph.D. students and Masters students. Undergraduates may enroll with permission of instructor.
Suggested prerequisite: CS 6371 Advanced Programming Languages (or concurrently), or a basic familiarity with type theory. (If not, the student is advised to consult one of the texts on type theory listed later on this page.)
Homework: Homeworks will consist of assigned readings—usually one required paper and one optional additional paper per class session. Material presented in class will assume that students have read the assigned material before coming to class, so please do the readings ahead of time!
Quizzes (25%): To encourage students to read the assigned material in advance, there will be a very short quiz at the beginning of most classes designed to test whether you have completed the required reading(s) for the day. Quizzes will typically consist of about five multiple-choice questions or short-answer questions. Each student's lowest two quiz scores will be dropped, and his/her quiz grade will be the average of the remaining scores. A missed quiz is a 0, but students are free to make up any quiz as long as the solutions have not yet been posted and the student was not present for the in-class lecture (which typically reveals the quiz answers).
Presentations (25%): Each student will be assigned 1-2 days during the semester during which they will present to the class a summary of the readings for that day. The presentation should provide a technical overview of the paper, a description of how the paper fits into the broader context of the material covered in the course, and should pose some interesting questions or challenges for in-class discussion.
Class Participation (10%): Students are expected to come to each class having read the assigned papers, and prepared with questions, critiques, and discussion topics. Regular participation in in-class discussion will count 10% towards students' grades in the course.
Projects (40%): Students taking the course for a letter grade will work individually or in a team of two to four to complete a course-related project. All project ideas are individually approved by the instructor. Proposals are due by mid-semester. A typical project would involve implementing one of the concepts described in one of the assigned readings, or using one or more of the research-level software packages covered in class to do an interesting program analysis or to address a non-trivial security vulnerability. Some overlap of class project with the student's docteral or masters thesis research is both permitted and encouraged.
The course has no required textbook, but several of the course topics will draw heavily from material in:
The following are also useful references for those not already familiar with type theory and/or security:
Date | Topic | Presenter(s) |
Introduction and Review | ||
Mon 1/7 |
Course overview and introduction to Language-based Security |
Instructor [slides] |
Wed 1/9 |
Introduction: Verification Conditions
|
Instructor [slides] |
Mon 1/14 |
Introduction: Type-theory
|
Instructor [slides] [quiz 1 solutions] |
Wed 1/16 |
Introduction: Computer Security
|
Instructor [slides] |
Mon 1/21 | Martin Luther King Day | N/A |
Memory Safety and Control-Flow Safety | ||
Wed 1/23 |
Software Fault Isolation
|
Moore [slides] [quiz 2 solutions] |
Mon 1/28 | SFI for CISC
|
Wartell [slides] [quiz 3 solutions] |
Wed 1/30 |
Control Flow Integrity
|
Cooke [slides] [quiz 4 solutions] |
Minimizing the Trusted Computing Base | ||
Mon 2/4 |
Proof-Carrying Code
|
Instructor [slides] |
Wed 2/6 |
Proof-Carrying Code
|
DeVries [slides] [quiz 5 solutions] |
Mon 2/11 |
Typed Assembly Language
|
Instructor [slides] |
Wed 2/13 |
Dependently Typed Assembly Language
|
Desautels [slides] [quiz 6 solutions] |
Securing Legacy Code | ||
Mon 2/18 |
Cyclone: A TAL-Targeting, C-like Language
|
Marple [slides, handout] [quiz 7 solutions] |
Wed 2/20 |
CCured: A PCC-Targeting, C-like Language
|
Chenault [slides] [quiz 8 solutions] |
In-lined Reference Monitors | ||
Mon 2/25 |
In-lined Reference Monitoring
|
Jones [slides] [quiz 9 solutions] |
Wed 2/27 |
Composable Policies
|
Sridhar [slides] [quiz 10 solutions] |
Mon 3/3 |
Certified In-lined Reference Monitoring
|
Instructor [slides] [quiz 11 solutions] |
Information Flow | ||
Wed 3/5 |
Overview of Language-based Information Flow
|
Burke [slides] [quiz 12 solutions] |
Mon 3/10 | Spring Break | N/A |
Wed 3/12 | Spring Break | N/A |
Mon 3/17 | Class Cancelled | N/A |
Wed 3/19 |
Information Flow for Java
|
Urbano [slides] [quiz 13 solutions] |
Mon 3/24 |
Distributed Information Flow
|
Saeedloei [slides] [quiz 14 solutions] |
Theoretical Underpinnings of PCC, TAL and IRM's | ||
Wed 3/26 |
Foundational Proof-Carrying Code
|
Instructor [slides] [quiz 15 solutions] |
Mon 3/31 |
Computational Theory of In-lined Reference Monitors
|
Instructor [quiz 16 solutions] |
Functional Programming | ||
Wed 4/2 |
Efficient, Safe Code via High-level Functional Languages
|
Hoglan [slides] [quiz 17 solutions] |
Obfuscation and Randomization | ||
Mon 4/7 |
Address Space Randomization
|
Greene [slides] [quiz 18 solutions] |
Wed 4/9 |
Instruction Set Randomization
|
Instructor [slides] [quiz 19 solutions] |
Mon 4/14 |
Course Evaluations Obfuscation and Type Systems
|
Instructor [slides] [quiz 20 solutions] |
Student Research | ||
Wed 4/16 |
Aspect-Oriented Programming and IRM's |
Jones |
Mon 4/21 |
Project Presentations
|
Various |
Wed 4/23 |
Project Presentations
|
Various |
Mon 4/28 |
Project Presentations
|
Various |
Wed 5/7 5:00pm |
FINAL DEADLINE FOR PROJECTS: May 7th, 5:00pm Email the following to me (hamlen at utdallas):
The UTD email system does not like well-known extensions like .zip and .gz. To email me an archive, rename the extension to something benign (e.g., submission.foo) and tell me in the email body what the "real" extension should be. |