TUM Logo

Software Security Analysis

Software Security Analysis  

Seminare 2 SWS / 5 ECTS
Veranstalter: Fabian Kilger and Fabian Franzen
Zeit und Ort:

Preliminary Meeting: Thursday, 08 July 2021 at 10.00 h - video conference

Beginn:


Schedule

  • Preliminary Meeting: Thursday, 08.07.2021, 10.00h: Here, Slides

Contents

Finding vulnerabilities in software has become an industry on its own
and various tools from simple linters to sophisticated static code
analysis frameworks exist.

This seminar will cover the foundations of advanced code analysis
approaches that can be used to spot complex vulnerabilities during
development, but also retrospectively in binaries "in the wild".

The seminar will be organized like a scientific conference. Students
will start their research with a loose research question, deep-dive into
a challenging topic of their choice and create a scientific publication
that is peer-reviewed by their peers and presented in the plenum.

Possible topics will include:

- Finding vulnerabilities with data flow analysis
- Approaches and challenges of typestate analysis
- Discovering privacy leaks with taint analysis
- Integer overflow detection using symbolic execution
- Abstract Interpretation
- Challenges in binary lifting
- Dynamic binary instrumentation
- Advanced fuzzing

Further topic proposals by the participants can be considered.