CSC 6991 Advacned Computer Security

Fall 2015 --- Fengwei Zhang

  • Instructor: Fengwei Zhang
  • Class Location: Prentis Building (PREN) 0015
  • Class Time: Monday, Wednesday 11:00AM - 12:20PM
  • Syllabus: [PDF]
  • Office Hours: Monday, Wednesday 10:00AM - 11:00PM
  • Office Address: Maccabees Building, Room 14109.3
  • Homepage:
  • Email: fengwei (at) wayne (dot) edu

Course Description

The course is designed for students interested in computer security research and helps them get started. It will focus on computer security research topics including system security, web security, mobile security, authentication and password management, privacy and anonymity, hardware security, and attacks. The course centers around readings and discussions; it has a term project. Students are expected to read the assigned papers, write paper summaries, and present papers. The term project is essentially a mini research project that involves building a new system, improving an existing technique, or performing a large case study.

Course Objectives

This course offers an in depth introduction to computer security research. Upon successful completion of this class, the student will gain experience in:


CSC4290 (Introduction to Computer Networking), CSC4420 (Computer Operating Systems), and CSC5270 (Computer Systems Security); or permission of the instructor.

Grading Policy

Academic Dishonesty

Please read and adhere to the University's Academic Integrity Page and WSU Student Code of Conduct.

Student Disabilities Services

If you have a documented disability that requires accommodations, you will need to register with Student Disability Services for coordination of your academic accommodations. The Student Disability Services (SDS) office is located in the Adamany Undergraduate Library. The SDS telephone number is 313-577-1851 or 313-202-4216 (Videophone use only).

Class Schedule

Date Topic Reading & Notes (tentative) Speaker
Week 1, 09/02 Course overview
  • How to Read an Engineering Research Paper. William G. Griswold. [Link]
  • Writing Technical Papers in CS/EE. Henning Schulzrinne. [Link]
  • The Elements of Style. Strunk and White. [Link]
Fengwei Zhang [Slides]
Week 2, 09/07 No Class
  • Holiday -- Labor Day
Week 2, 09/09 Isolated Execution Environments Assigned:
  • Using Hardware Isolated Execution Environments for Securing Systems, Fengwei Zhang, Ph.D. Thesis. [Link]
Fengwei Zhang [Slides]
Week 3, 09/14 Memory Attacks and Introspection Assigned:
  • SPECTRE: A Dependable Introspection Framework via System Management Mode. Fengwei Zhang, Kevin Leach, Kun Sun, and Angelos Stavrou. In DSN'13. [Link]
  • HyperShell: A Practical Hypervisor Layer Guest OS Shell for Automated In-VM Management. Yangchun Fu, Junyuan Zeng, and Zhiqiang Lin. In Usenix ATC'14. [Link]
Fengwei Zhang [Slides]
Week 3, 09/16 Transparent Malware Analysis I Assigned:
  • Using Hardware Features for Increased Debugging Transparency. Fengwei Zhang, Kevin Leach, Angelos Stavrou, Haining Wang, and Kun Sun. In S&P'15. [Link]
  • MalGene: Automatic Extraction of Malware Analysis Evasion Signature. Dhilung Kirat and Giovanni Vigna. In CCS'15. [Link]
Fengwei Zhang [Slides]
Week 4, 09/21 Transparent Malware Analysis II Assigned:
  • Evading Android Runtime Analysis via Sandbox Detection. Timothy Vidas and Nicolas Christin. In AsiaCCS'14. [Link]
  • Morpheus: Automatically Generating Heuristics to Detect Android Emulators. Yiming Jing, Ziming Zhao, Gail-Joon Ahn, and Hongxin Hu. In ACSAC'14. [Link]
Hitakshi Annayya [Slides]
Week 4, 09/23 Denial of Service (DoS) Attack Assigned:
  • Low-Rate TCP-Targeted Denial of Service Attacks (The Shrew vs. the Mice and Elephants). Aleksandar Kuzmanovic and Edward W. Knightly. In ACM SIGCOMM'03. [Link]
  • Practical Study of a Defense Against Low-Rate TCP-Targeted DoS Attack. Petros Efstathopoulos. In ICITST'09. [Link]
  • Low-Rate DDoS Attacks Detection and Traceback by Using New Information Metrics. Yang Xiang, Ke Li, and Wanlei Zhou. In TIFS'11. [Link]
Fengwei Zhang [Slides]
Week 5, 09/28 Car Hacking I Assigned:
  • Remote Exploitation of an Unaltered Passenger Vehicle. Charlie Miller and Chris Valasek. In BlackHat USA'15. [Link]
Hitakshi Annayya [Slides]
Week 5, 09/30 Car Hacking II Assigned:
  • Comprehensive Experimental Analyses of Automotive Attack Surfaces. Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, Stefan Savage, Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno. In UsenixSecurity'11. [Link]
Lucas Andrew Copi [Slides]
Week 6, 10/05 OS Security Project Proposals Due

  • ret2dir: Rethinking Kernel Isolation. Vasileios P. Kemerlis, Michalis Polychronakis, and Angelos D. Keromytis. In UsenixSecurity'14. [Link]
Lucas Andrew Copi [Slides]
Week 6, 10/07 Term Project Proposal
  • Proposal Presentations and Discussion
Fengwei Zhang [Slides]
Week 7, 10/12 Password Management Assigned:
  • Password Managers: Attacks and Defenses. David Silver, Suman Jana, Dan Boneh, Eric Chen and Collin Jackson. In UsenixSecurity'14. [Link]
Sai Tej Kancharla [Slides]
Week 7, 10/14 Memory Forensic Assigned:
  • DSCRETE: Automatic Rendering of Forensic Information from Memory Images via Application Logic Reuse. Brendan Saltaformaggio, Zhongshu Gu, Xiangyu Zhang, and Dongyan Xu. In UsenixSecurity'14. [Link]
  • GUITAR: Piecing Together Android App GUIs from Memory Images. Brendan Saltaformaggio, Rohit Bhatia, Zhongshu Gu, Xiangyu Zhang, Dongyan Xu. In CCS'15 [Link]
Sharani Sankaran [Slides]
Week 8, 10/19 iOS Security Assigned:
  • On the Feasibility of Large-Scale Infections of iOS Devices. Tielei Wang, Yeongjin Jang, Yizheng Chen, Pak-Ho Chung, Billy Lau, and Wenke Lee. In UsenixSecurity'14. [Link]
  • Cracking App Isolation on Apple: Unauthorized Cross-App Resource Access on MAC OS X and iOS. Luyi Xing, Xiaolong Bai, Tongxin Li, XiaoFeng Wang, Kai Chen, Xiaojing Liao, Shi-Min Hu, and Xinhui Han. In CCS'15 [Link]
  • iRiS: Vetting Private API Abuse in iOS Applications Zhui Deng, Brendan Saltaformaggio, Xiangyu Zhang, and Dongyan Xu. In CCS'15 [Link]
Sai Tej Kancharla [Slides]
Week 8, 10/21 Android Security I Revised Proposals Due

  • Leave Me Alone: App-level Protection Against Runtime Information Gathering on Android. Nan Zhang, Kan Yuan, Muhammad Naveed, Xiaoyong Zhou, and XiaoFeng Wang. In S&P'15. [Link]
  • Effective Real-time Android Application Auditing. Mingyuan Xia, Lu Gong, Yuanhao Lv, Zhengwei Qi, Xue Liu. In S&P'15. [Link]
Hitakshi Annayya [Slides]
Week 9, 10/26 Android Security II Assigned:
  • What the App is That? Deception and Countermeasures in the Android User Interface. Antonio Bianchi, Jacopo Corbetta, Luca Invernizzi, Yanick Fratantonio, Christopher Kruegel and Giovanni Vigna. In S&P'15. [Link]
  • Android Permissions Remystified: A Field Study on Contextual Integrity. Primal Wijesekera, Arjun Baokar, Ashkan Hosseini, Serge Egelman, David Wagner, Konstantin Beznosov. In UsenixSecurity'15. [Link]
Lucas Andrew Copi [Slides]
Week 10, 10/28 Authentication and Trust Assigned:
  • TrustOTP: Transforming Smartphones into Secure One-Time Password Tokens. He Sun, Kun Sun, Yuewu Wang, and Jiwu Jing. In CCS'15. [Link]
  • Sound-Proof: Usable Two-Factor Authentication Based on Ambient Sound. Nikolaos Karapanos, Claudio Marforio, Claudio Soriente, and Srdjan Capkun. In UsenixSecurity'15. [Link]
Fengwei Zhang [Slides]
Week 10, 11/02 ROP Attack
  • The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86). Hovav Shacham. In CCS'07. [Link]
Ahmad Moghimi [Slides]
Week 10, 11/04 Plausibly Deniable Encryption (PDE) Assigned:
  • DEFY: A Deniable, Encrypted File System for Log-Structured Storage. Timothy M. Peters, Mark A. Gondree, and Zachary N. J. Peterson. In NDSS'15. [Link]
  • MobiPluto: File System Friendly Deniable Storage for Mobile Devices. Bing Chang, Zhan Wang, Bo Chen, and Fengwei Zhang. In ACSAC'15. [Link]
  • Mobiflage: Deniable Storage Encryptionfor Mobile Devices. Adam Skillen and Mohammad Mannan. In NDSS'13 and TDSC'14. [Link]
Fengwei Zhang [Slides]
Week 11, 11/09 TrustZone on ARM Assigned:
  • TrustICE: Hardware-assisted Isolated Computing Environments on Mobile Devices. He Sun, Kun Sun, Yuewu Wang, Jiwu Jing, and Haining Wang. In DSN'15. [Link]
  • Hypervision Across Worlds: Real-time Kernel Protection from the ARM TrustZone Secure World. Ahmed Azab, Peng Ning, Jitesh Shah, Quan Chen, Rohan Bhutkar, Guruprasad Ganesh, Jia Ma, and Wenbo Shen. In CCS'14. [Link]
Zhenyu Ning [Slides]
Week 11, 11/11 Semantic Gap Problem Assigned:
  • SoK: Introspections on Trust and the Semantic Gap. Bhushan Jain, Mirza Basim Baig, Dongli Zhang, Donald E. Porter, and Radu Sion. In S&P'14. [Link]
  • Hybrid-Bridge: Efficiently Bridging the Semantic-Gap in Virtual Machine Introspection via Decoupled Execution and Training Memoization. Alireza Saberi, Yangchun Fu, and Zhiqiang Lin. In NDSS'14. [Link]
Zhenyu Ning [Slides]
Week 12, 11/16 Password Login Assigned:
  • TrustLogin: Securing Password-Login on Commodity Operating Systems. Fengwei Zhang, Kevin Leach, Haining Wang, and Angelos Stavrou. In AsiaCCS'15. [Link]
Fengwei Zhang [Slides]
Week 12, 11/18 Firmware Security Assigned:
  • A Large-Scale Analysis of the Security of Embedded Firmwares. Andrei Costin, Jonas Zaddach, Aurelien Francillon, and Davide Balzarotti. In UsenixSecurity'14. [Link]
  • Thunderstrike: EFI firmware bootkits for Apple MacBooks. Trammell Hudson. In 31C3. [Link]
Zhenyu Ning [Slides]
Week 13, 11/23 Term Project Discussion
  • Working Class for Term Project (Q & A)
Fengwei Zhang [Slides]
Week 13, 11/25 No Class
  • Holiday -- Thanksgiving
Week 14, 11/30 Moving Target Defense Assigned:
  • Survey of Cyber Moving Targets. H. Okhravi, M.A. Rabe, T.J. Mayberry, W.G. Leonard, T.R. Hobson, D. Bigelow, W.W. Streilein. Technical Report, MIT Lincoln Laboratory, 2013. [Link]
Sharani Sankaran [Slides]
Week 14, 12/02 Web Security Assigned:
  • ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities. Michael Weissbacher, William Robertson, Engin Kirda, Christopher Kruegel and Giovanni Vigna. In UsenixSecurity'15. [Link]
Sai Tej Kancharla [Slides]
Week 15, 12/07 Privacy in Pharmacogenetics Assigned:
  • Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing. Matthew Fredrikson, Eric Lantz, Somesh Jha, Simon Lin, David Page and Thomas Ristenpart. In UsenixSecurity'14. [Link]
Sharani Sankaran [Slides]
Week 15, 12/09 Term Project Presentations
Week 16, 12/14 Term Project Presentations Project Final Reports Due