Software Security Analysis
Software Security Analysis
Seminare | 2 SWS / 5 ECTS |
Veranstalter: | Fabian Kilger |
Zeit und Ort: | Preliminary Meeting: Thursday, 03 February 2022 / 10.00 h - Onlinekonferenz |
Beginn: |
Schedule
- Preliminary Meeting [Slides]: Thursday, 03.02.2022 / 10.00 h - Onlinekonferenz
Contents
Finding vulnerabilities in software has become an industry on its own
and various tools from simple linters to sophisticated static code
analysis frameworks exist.
This seminar will cover the foundations of advanced code analysis
approaches that can be used to spot complex vulnerabilities during
development, but also retrospectively in binaries "in the wild".
The seminar will be organized like a scientific conference. Students
will start their research with a loose research question, deep-dive into
a challenging topic of their choice and create a scientific publication
that is peer-reviewed by their peers and presented in the plenum.
Possible topics will include:
- Finding vulnerabilities with data flow analysis
- Approaches and challenges of typestate analysis
- Discovering privacy leaks with taint analysis
- Integer overflow detection using symbolic execution
- Abstract Interpretation
- Challenges in binary lifting
- Dynamic binary instrumentation
- Advanced fuzzing
Further topic proposals by the participants can be considered.