Schedule
This is a tentative schedule for the class. There could be some dynamic adjustments as and when needed.
Note: We will have project presentations on November 29th and December 01, 03, 06, 08, and 10.
Event | Date | Description | Course Material
Lecture | 08/25/2025 Monday | Introduction
Required Readings:
Assignment | 08/25/2025 Monday | Assignment #0 - Self Assessment released!
Lecture | 08/27/2025 Wednesday | Memory Corruption and Vulnerability Detection - Static analysis (Part 1) | [slides] [References]
Required Readings:
Suggested Readings:
Lecture | 08/29/2025 Friday | Memory Corruption and Vulnerability Detection - Static analysis (Part 2) | [slides] [References]
Required Readings:
Suggested Readings:
Due | 08/29/2025 23:59 Friday | Assignment #0 due
No Class | 09/01/2025 Monday | Labour Day
Lecture | 09/03/2025 Wednesday | Memory Corruption and Vulnerability Detection - Static analysis (Part 2) | [slides] [References]
Required Readings:
Suggested Readings:
Project Milestone | 09/05/2025 00:00 Friday | Project Proposal Due
Lecture | 09/05/2025 Friday | LLVM - Crash course | [slides]
Assignment | 09/06/2025 Saturday | Assignment #1 - LLVM Playground released!
Lecture | 09/08/2025 Monday | Vulnerability Detection - Fuzzing (Part 1) | [slides]
Required Readings:
Suggested Readings:
- Driller: Fuzzing and symbolic execution
- DIFUZE: Interface Aware Fuzzing for Kernel Drivers
- Angora: Efficient Fuzzing by Principled Search
- Be Sensitive and Collaborative: Analyzing Impact of Coverage Metrics in Greybox Fuzzing
- Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization
- T-Fuzz: fuzzing by program transformation
Lecture | 09/10/2025 Wednesday | Vulnerability Detection - Fuzzing (Part 2) | [slides]
Required Readings:
Suggested Readings:
- Driller: Fuzzing and symbolic execution
- DIFUZE: Interface Aware Fuzzing for Kernel Drivers
- Angora: Efficient Fuzzing by Principled Search
- Be Sensitive and Collaborative: Analyzing Impact of Coverage Metrics in Greybox Fuzzing
- Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization
- T-Fuzz: fuzzing by program transformation
Lecture | 09/12/2025 Friday | Function Level Fuzzing (By Sid) | [paper]
Lecture | 09/15/2025 Monday | Vulnerability Detection - Sanitizers (Part 1) | [slides]
Recommended Readings:
Lecture | 09/17/2025 Wednesday | Vulnerability Detection - Sanitizers (Part 2) | [slides]
Recommended Readings:
Project Milestone | 09/19/2025 00:00 Friday | Related Work Due
Lecture | 09/19/2025 Friday | Fuzzing UEFI Interfaces (By Connor) | [slides]
Lecture | 09/22/2025 Monday | Vulnerability Detection - Symbolic Execution (Part 1) | [slides]
Required Readings:
- KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs
- Symbolic Execution for Software Testing: Three Decades Later
Suggested Readings:
- SAGE: Automated Whitebox Fuzzing
- Under-constrained symbolic execution
- Target-Driven Compositional Concolic Testing
- Chopped Symbolic Execution
- QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing
- Symbolic Execution with SymCC
- Neuro-Symbolic Execution: Augmenting Symbolic Execution with Neural Constraints
Lecture | 09/24/2025 Wednesday | Vulnerability Detection - Best Effort (Part 1) | [slides]
Required Readings:
Recommended Readings:
- Sys: a Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code
- μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection
- Automatic Inference of Search Patterns for Taint-Style Vulnerabilities
- Bran: Reduce Vulnerability Search Space by Learning Bug Symptoms
- ARBITRAR: User-Guided API Misuse Detection
Suggested Readings:
Lecture | 09/26/2025 Friday | Vulnerability Prevention (Part 1) | [slides]
Required Readings:
- SoftBound: Highly Compatible and Complete Spatial Memory Safety for C
- Preventing Use-after-free with Dangling Pointers Nullification
Suggested Readings:
Lecture | 09/29/2025 Monday | Vulnerability Prevention (Part 1) | [slides]
Required Readings:
- SoftBound: Highly Compatible and Complete Spatial Memory Safety for C
- Preventing Use-after-free with Dangling Pointers Nullification
Suggested Readings:
Lecture | 10/01/2025 Wednesday | Vulnerability Prevention (Part 2) | [slides]
Required Readings:
- CCured: Type-Safe Retrofitting of Legacy Code
- Dependent Types for Low-Level Programming
- Checked C: Making C Safe by Extension
Suggested Readings:
Lecture | 10/03/2025 Friday | Vulnerability Prevention (Part 2) | [slides]
Required Readings:
- CCured: Type-Safe Retrofitting of Legacy Code
- Dependent Types for Low-Level Programming
- Checked C: Making C Safe by Extension
Suggested Readings:
Due | 10/03/2025 23:59 Friday | Assignment #1 due
Project Milestone | 10/06/2025 00:00 Monday | Research Plan Due
Exam | 10/08/2025 04:30 Wednesday | Midterm 1 (In class, closed book, 50 min).
Topics:
- TBA
Style:
- On paper — old style.
Types of Questions:
- Multiple choice.
- Descriptive.
- Fill in the blanks.
- Open ended.
Project Milestone | 10/20/2025 00:00 Monday | Abstract/Intro Due
Exam | 11/21/2025 04:30 Friday | Midterm 2.
Topics:
- TBA
Style:
- On paper — old style.
Types of Questions:
- Multiple choice.
- Descriptive.
- Fill in the blanks.
- Open ended.
Project Milestone | 12/12/2025 00:00 Friday | Project Presentation
Project Milestone | 12/19/2025 00:00 Friday | Final Project Report Due