| Semester | Summer 2022 |
| Course type | Block Seminar |
| Lecturer | TT.-Prof. Dr. Wressnegger |
| Audience | Informatik Master & Bachelor |
| Credits | 4 ECTS |
| Room | 148 (50.34) |
| Language | English |
| Link | https://campus.kit.edu/campus/lecturer/event.asp?gguid=0xB50D8B6712C04CDF8810E872E37CB15C |
| Registration | https://ilias.studium.kit.edu/goto.php?target=crs%5F1786153&client_id=produktiv |
This seminar is concerned with the analysis and discovery of vulnerabilities in software. Exploitable flaws in software are the foundation of attacks against entire systems and networks; finding them before an attacker does is therefore an important building block of proactive security.
The module introduces students to the broad field of vulnerability discovery and teaches them to work through, reproduce, and build on results from state-of-the-art research. To this end, each student reads up on one sub-field, prepares a seminar report, and presents the work to their fellow students at the end of the term.
Topics include but are not limited to approaches for fuzzing software/devices, particular vulnerability classes, and static analysis for finding bugs.
| Date | Step |
|---|---|
| Tue, 19. April, 11:30–13:00 | Primer on academic writing, assignment of topics |
| Thu, 28. April | Arrange appointments with assistant |
| Mon, 02. May – Fri, 06. May | 1st individual meeting (first overview, ToC) |
| Mon, 13. June – Fri, 17. June | 2nd individual meeting (feedback on first draft of the report) |
| Wed, 29. June | Submit final paper |
| Mon, 11. July | Submit review for fellow students |
| Fri, 15. July | End of discussion phase |
| Fri, 22. July | Submit camera-ready version of your paper |
| Mon, 1. August | Presentation at final colloquium |
News about the seminar, potential updates to the schedule, and additional material are distributed using a separate mailing list. Moreover, the list enables students to discuss topics of the seminar.
You can subscribe here.
Every student may choose one of the following topics. For each of these, we additionally provide a recent top-tier publication that you should use as a starting point for your own research. For the seminar and your final report, you should not merely summarize that paper, but go beyond it (related work, limitations, follow-up results) and arrive at your own conclusions.
Moreover, most of these papers come with open-source implementations. Build and run them, try them on targets of your own choosing, and include the lessons learned in your report.
- Regression Greybox Fuzzing, CCS 2021
- Directed Greybox Fuzzing, CCS 2017
- Evaluating Synthetic Bugs, ASIA CCS 2021
- LAVA: Large-Scale Automated Vulnerability Addition, IEEE S&P 2016
- Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing, USENIX Security 2022
- Snipuzz: Black-box Fuzzing of IoT Firmware via Message Snippet Inference, CCS 2021
- AFLNet: A Greybox Fuzzer for Network Protocols, ICST 2020
- Nyx-Net: Network Fuzzing with Incremental Snapshots, CoRR 2021
- LIGHTBLUE: Automatic Profile-Aware Debloating of Bluetooth Stacks, USENIX Security 2021
- Debloating Software through Piece-Wise Compilation and Loading, USENIX Security 2018
- Branch History Injection: On the Effectiveness of Hardware Mitigations Against Cross-Privilege Spectre-v2 Attacks, USENIX Security 2022
- RIDL: Rogue In-Flight Data Load, IEEE S&P 2019
- Riding out DOMsday: Toward Detecting and Preventing DOM Cross-Site Scripting, NDSS 2018
- 25 Million Flows Later - Large-scale Detection of DOM-based XSS, CCS 2013
- SMARTEST: Effectively Hunting Vulnerable Transaction Sequences in Smart Contracts through Language Model-Guided Symbolic Execution, USENIX Security 2021
- VeriSmart: A Highly Precise Safety Verifier for Ethereum Smart Contracts, IEEE S&P 2020