
Software Security Analysis

Seminar, 2 SWS / 5 ECTS
Organizer: Fabian Franzen
Start:


Schedule

  • Preliminary Meeting: Monday, 13 July 2020, 13:00 to 13:45 [Slides]

Qualification Challenge

Please analyze the following software projects with automated vulnerability detection tools (such as AFL, Angr, KLEE, the Clang Static Analyzer, etc.) and send me your findings as a write-up:

Your write-up should contain the file and line number where the (main) security bug resides, a brief description of the bug, and how you found it.

Write-ups will be ranked by the exploitability of the bugs, the number of tools tried, and the number of bugs found. Please focus on serious bugs that cause at least a program crash. Please send the write-up to franzen@sec.in.tum.de by 21.07.2020, 23:59.
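As an added illustration of the kind of crash bug a fuzzer such as AFL finds and of how a write-up pins it down, here is a constructed libFuzzer-style harness around a deliberately buggy record parser. This is example code written for this page, not code from the seminar or from any of the projects to be analyzed; the record format (4-byte little-endian length followed by a payload), the MAX_PAYLOAD limit and both parse functions are assumptions made up for the illustration. Built with `clang -g -O1 -fsanitize=fuzzer,address harness.c -o harness` and run as `./harness corpus/`, the unsafe variant crashes under AddressSanitizer at the memcpy; the report names the file and line that the write-up should cite.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Constructed example target (not from the seminar page): a record is a
 * 4-byte little-endian length followed by that many payload bytes.
 * The format and the limit below are assumptions made for this example. */
#define MAX_PAYLOAD 256

static uint32_t read_u32le(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Buggy bounds check: `len + 4` is evaluated in 32-bit arithmetic, so a
 * length in 0xFFFFFFFC..0xFFFFFFFF wraps to 0..3 and passes the test.
 * It also never enforces MAX_PAYLOAD, so any len > 256 is accepted too. */
int length_ok_unsafe(uint32_t len, size_t size) {
    return (uint32_t)(len + 4) <= size;
}

/* Hardened check: compare against `size - 4` (no addition that can wrap)
 * and enforce the destination buffer's capacity explicitly. */
int length_ok_safe(uint32_t len, size_t size) {
    if (size < 4) return 0;
    return len <= MAX_PAYLOAD && (size_t)len <= size - 4;
}

/* Shared parser body; the bounds predicate decides whether the memcpy is
 * sound. With length_ok_unsafe, an oversized or wrapped length makes
 * memcpy overrun `payload` and read past `data`; AddressSanitizer aborts
 * here and reports this file and line. */
static int parse_record(const uint8_t *data, size_t size,
                        int (*length_ok)(uint32_t, size_t)) {
    if (size < 4) return -1;
    uint32_t len = read_u32le(data);
    if (!length_ok(len, size)) return -1;
    uint8_t payload[MAX_PAYLOAD];
    memcpy(payload, data + 4, len);   /* overflow when the unsafe check is used */
    return (int)len;                  /* number of payload bytes accepted */
}

int parse_record_unsafe(const uint8_t *data, size_t size) {
    return parse_record(data, size, length_ok_unsafe);
}

int parse_record_safe(const uint8_t *data, size_t size) {
    return parse_record(data, size, length_ok_safe);
}

/* libFuzzer entry point (libFuzzer supplies main). Compile with -DFIXED to
 * confirm that the hardened check stops the crash. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
#ifdef FIXED
    parse_record_safe(data, size);
#else
    parse_record_unsafe(data, size);
#endif
    return 0;
}
```

The crash input the fuzzer saves (a file named crash-<hash> in the working directory) is what the write-up should reference together with the sanitizer's file:line; the two predicate functions make the root cause explicit, which is the "brief description of the bug" the challenge asks for.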

Contents

Finding vulnerabilities in software has become an industry of its own,
and tools ranging from simple linters to sophisticated static code
analysis frameworks exist.

This seminar will cover the foundations of advanced code analysis
approaches that can be used to spot complex vulnerabilities during
development, but also retrospectively in binaries "in the wild".

The seminar will be organized like a scientific conference. Students
will start their research with a loose research question, deep-dive into
a challenging topic of their choice and create a scientific publication
that is reviewed by their peers and presented in the plenum.

Possible topics will include:

- Finding vulnerabilities with data flow analysis
- Approaches and challenges of typestate analysis
- Discovering privacy leaks with taint analysis
- Integer overflow detection using symbolic execution
- Abstract Interpretation
- Challenges in binary lifting
- Dynamic binary instrumentation
- Advanced fuzzing

Further topic proposals by the participants can be considered.