TUM Logo

Software Security Analysis

Software Security Analysis  

Seminare 2 SWS / 5 ECTS
Veranstalter: Fabian Franzen
Zeit und Ort:

Attendance / Presentations will take place at the Fraunhofer Institut AISEC:

Wednesday, 22.04.2020
Thursday, 02.07.2020 and Friday, 03.07.2020: slides

Beginn:


This is a course organized and held by the Fraunhofer AISEC!

Kickoff-Meeting: 5th February 2020, 15:00 - 15:30 in Room 01.08.033

Finding vulnerabilities in software has become an industry on its own
and various tools from simple linters to sophisticated static code
analysis frameworks exist.

This seminar will cover the foundations of advanced code analysis
approaches that can be used to spot complex vulnerabilities during
development, but also retrospectively in binaries "in the wild".

The seminar will be organized like a scientific conference. Students
will start their research with a loose research question, deep-dive into
a challenging topic of their choice and create a scientific publication
that is peer-reviewed by their peers and presented in the plenum.

Possible topics will include:

- Finding vulnerabilities with data flow analysis
- Approaches and challenges of typestate analysis
- Discovering privacy leaks with taint analysis
- Integer overflow detection using symbolic execution
- Abstract Interpretation
- Challenges in binary lifting
- Dynamic binary instrumentation
- Advanced fuzzing

Further topic proposals by the participants can be considered.