Code Reuse Attacks and Defenses against them
Code Reuse Attacks and Defenses against them
Seminare | 2 SWS / 5,0 ECTS |
Veranstalter: | Peng Xu and Paul Muntean |
Zeit und Ort: | Mo, 10:00 Uhr, 01.08.033 |
Beginn: | 2017-04-25 |
Required Preliminary Knowledge
Basic C programming language, object-oriented language(C++/Java), Assembly language and IT security knowledge.
Task
In this seminar, several hot topics in this line of research will be discussed. The goal is to provide students an overview of state-of-the-art control flow based security techniques in order to encourage them to explore this exciting research field. Each student will be assigned with one research paper. After studying the paper, each student is required to write a short report about the paper, make a 30-minute presentation about his/her topic and 15 minutes discussion.
|
Research Papers
Schedule
Title | Speaker | Date |
Kickoff Meeting | Peng X. | 27.01.2017 |
1. The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86) |
Peng X. | 24.04.2017 |
Prepare the literature research and report outline (no group meeting) | All Students | 08.05.2017 |
Deliver the literature research and report outline (no group meeting) | All Students | 15.05.2017 |
1. Return-oriented programming without returns |
Mehdi B. |
22.05.2017 |
1. Hacking blind 2. Just-In-Time Code Reuse:On the Effectiveness of Fine-Grained Address Space Layout Randomization |
Nicolas F. |
29.05.2017 |
1. Counterfeit object-oriented programming: On the difficulty of preventing code reuse attacks in C++ applications |
- Hajizada T. |
12.06.2017 |
1. It's a TRaP: Table randomization and protection against function-reuse attacks 2. Isomeron: Code Randomization Resilient to (Just-In-Time) Return-Oriented Programming |
- Sebastian K. |
19.06.2017 |
1. SAFEDISPATCH: Securing C++ Virtual Calls from Memory Corruption Attacks 2. Protecting c++ dynamic dispatch through vtable interleaving |
- | 26.06.2017 |
1. VTint: Protecting Virtual Function Tables’ Integrity 2. T-VIP:Towards automated integrity protection of C++ virtual function tables in binary programs |
Jakob R. |
03.07.2017 |
Deadline for the first version report |
All Students | 10.07.2017 |
1. Deadline for paper-related experiments(Attacks and Defense mechanisms) |
All Students | 17.07.2017 |
Deadline for the final report | All Students | 24.07.2017 |
Presentation Guidelines
Each student makes a presentation about the given paper. The time given for the presentation is 45 minutes, including discussion. We recommend to take 30 minutes for actual presentation and leave around 15 minutes for discussion. Presentations should be in a style of conference/workshop talks. A good presentation will:
- give correct and accurately displayed information about the paper,
- present all the important points of the paper,
- contain an understandable explanation for your colleague students, especially about the used method and the results of the paper,
- initiate a good discussion.
Report Structure and Literature Research Q & A
- Q: How can I obtain bonus points for my report and presentation?
- A: For example: add a new discussion section (i.e., you can discuss about relevant work), add more related work (note: partition the related work section in subsections), add a new conclusion (i.e., can be also a high level conclusion about the original paper), add or expand the future work section with future research directions (i.e., cluster them if needed).
- Q: Do I have to provide the name of the seminar on all my deliverables?
- A: Yes, the name of the seminar, your name and your Matr. Nr. have to be provided.
- Q: Is it enough to only list all the literature we probably need?
- A: You need to list all references and write one sentence which characterizes that reference. You can have a look for example in the abstract, discussion or conclusion section, etc.
- Q: What needs to be the content of the report outline or better its structure?
- A: Basically the structure of the original paper plus your own contributions/sections (e.g., extended related work section, new discussion section, etc.)
Report Guidlines
Avoid making common report writing mistakes: Download the general guidelines
Each report should include an abstract of up to 200 words. It should be not shorter than 10 single-spaced pages and no longer than 15 single-spaced pages with 10pt font size. Students need to hand in a hard copy of the report before the final deadline. Students are strongly encouraged to use Springer LNCS/LNAI manuscript submission guidelines.
Students should not aspire to write a long but boring report. A charming report should be clear, compact and easy to follow.
Note that, if a student doesn't submit a report and give a presentation before 11.07.2017, he/she will not pass.
Download the PDF version of "How to Write a Seminar Report". PARAPHRASING AND SUMMARIZING
Summarizing
Always check your summary for clarity. |
Other Resources
Science Research Writing for Non-Native Speakers of English | |
Cambridge Advanced Grammar in Use | |
How (and How Not) to Write a Good Systems Paper |
|