The spring 2012 offering of CS 7934 will cover a variety of systems topics, with an eye toward three goals.
The first is to increase participants' understanding of systems approaches to dynamic problem detection and repair. Many computer systems are “brittle” in that small faults can easily have big consequences. For instance, a single buffer overflow in a library function can open the window to a code-injection attack against an application, which enables a root exploit, which allows an entire host to be compromised. Despite advances in programming languages, systems, and static analysis, defects in software and composed systems continue to wreak havoc. We will study recent research publications that present innovative, systems-based approaches to handling software that goes “off the track” at run time. How can the effects of run-time faults be mitigated? What does it mean for a system to go “off the track” at all? To what extent is it possible to repair damage that results from a run-time fault?
The second is to be a venue for student presentations. Every student participating in the seminar will be required to lead at least one meeting during the semester. This may be a “formal” research presentation—ideally of a student's current work—or it may be an analysis of the research papers chosen for a seminar meeting.
The third is to stay abreast of papers from recent and imminent top-tier systems conferences: e.g., SOSP, OSDI, NSDI, SIGCOMM, FAST, systems-related security conferences, and so on. Papers will be selected for their relevance to participants' research or upcoming Utah visitors.
CS 7934 is often called “the CSL seminar.” The name CSL is historic.
To get on the class mailing list, use Mailman to subscribe to csl-sem.
Those taking the course for credit must read all of the papers, submit a short summary of each paper prior to class (PDF, Postscript, LaTeX), participate in each discussion, and make at least one research presentation.
A summary must consist of a student's original work. Unattributed copying of material from the papers being discussed or other sources is plagiarism as will be treated as such.
We urge students to sign up for one credit if you're going to be attending anyway. Although the course is listed as “variable credit,” the course is only available for one (1) credit in all but the most exceptional circumstances. If you want to take the course for more than one credit, you must request and receive approval from the instructor.
(You can check out what we did last semester here.)
| Week | Date | Topic(s) | Facilitator | Paper(s) |
|---|---|---|---|---|
| 1 | 1/13 | — | Eide | no meeting — organizational email |
| 2 | 1/20 | acceptability-oriented computing | Eide | Enhancing
Server Availability and Security Through Failure-Oblivious
Computing.
Martin Rinard et al.
In OSDI '04,
Oct. 2004. Living in the Comfort Zone. Martin Rinard. In OOPSLA '07, Oct. 2007. Supplementary: Exploring the Acceptability Envelope. Martin Rinard et al. In OOPSLA '05 Companion, Oct. 2005. |
| 3 | 1/27 | self-healing systems | Hibler | From
STEM to SEAD: Speculative Execution for Automated Defense.
Michael E. Locasto et al.
In USENIX
ATC '07,
Jun. 2007. Exterminator: Automatically Correcting Memory Errors with High Probability. Gene Novark et al. In PLDI '07, Jun. 2007. |
| 4 | 2/3 | data-structure repair | Wong | Inference and
Enforcement of Data Structure Consistency Specifications.
Brian Demsky et al.
In ISSTA '06,
Jul. 2006. Assertion-based Repair of Complex Data Structures. Bassem Elkarablieh et al. In ASE '07, Nov. 2007. |
| 5 | 2/10 | automatic patch generation | Kim | Automatically
Patching Errors in Deployed Software.
Jeff H. Perkins et al.
In SOSP '09,
Oct. 2009. Sweeper: A Lightweight End-to-End System for Defending Against Fast Worms. Joseph Tucek et al. In EuroSys '07, Mar. 2007. |
| 6 | 2/17 | control-flow integrity | Eide | Control-Flow Integrity Principles, Implementations, and Applications. Martín Abadi et al. ACM TISSEC, 13(1), Nov. 2009. |
| 7 | 2/24 | — | — | no meeting — student research posters |
| 8 | 3/2 | tracing | Burtsev | Fay: Extensible
Distributed Tracing from Kernels to Clusters.
Úlfar Erlingsson et al.
In SOSP '11,
Oct. 2011. Execution Mining. Geoffrey Lefebvre et al. In VEE '12, Mar. 2012. To appear. |
| 9 | 3/9 | program-trace queries | Johnson | Finding
Application Errors and Security Flaws Using PQL: A Program Query
Language.
Michael Martin et al.
In OOPSLA '05,
Oct. 2005. Relational Queries Over Program Traces. Simon F. Goldsmith et al. In OOPSLA '05, Oct. 2005. |
| 10 | 3/16 | — | — | no meeting — University spring break |
| 11 | 3/23 | dynamic data-flow analysis | Eide | libdft: Practical
Dynamic Data Flow Tracking for Commodity Systems.
Vasileios P. Kemerlis et al.
In VEE '12,
Mar. 2012. Efficient and Extensible Security Enforcement Using Dynamic Data Flow Analysis. Walter Chang et al. In CCS '08, Oct. 2008. |
| 12 | 3/30 | integrity monitoring | Hibler | Ensuring
Operating System Kernel Integrity with OSck.
Owen S. Hofmann et al.
In ASPLOS '11,
Mar. 2011. Linux Kernel Integrity Measurement Using Contextual Inspection. Peter A. Loscocco et al. In STC '07, Nov. 2007. Supplementary: Dynamic Integrity Measurement and Attestation: Towards Defense Against Return-Oriented Programming Attacks. Lucas Davi et al. In STC '09, Nov. 2009. |
| 13 | 4/6 | access control | Burtsev | Formal Models of
Capability-Based Protection Systems.
Lawrence Snyder.
IEEE Transactions on Computers, C–30(3),
Mar. 1981. Object Views: Fine-Grained Sharing in Browsers. Leo A. Meyerovich et al. In WWW '10, Apr. 2010. Supplementary: Prohibiting Delegation. Mark S. Miller. Web page, May 2009. |
| 14 | 4/13 | multi-variant execution | Kim | On the
Effectiveness of Multi-Variant Program Execution for Vulnerability
Detection and Prevention.
Todd Jackson et al.
In MetriSec '10,
Sep. 2010. Runtime Defense against Code Injection Attacks using Replicated Execution. Babak Salamat et al. IEEE Transactions on Dependable and Secure Computing, 8(4), Jul.–Aug. 2011. |
| 15 | 4/20 | runtime support | Johnson | MOP: An Efficient
and Generic Runtime Verification Framework.
Feng Chen and Grigore Rosu.
In OOPSLA '07,
Oct. 2007. QVM: An Efficient Runtime for Detecting Defects in Deployed Systems. Matthew Arnold et al. In OOPSLA '08, Oct. 2008. Supplementary: Retroactive Aspects: Programming in the Past. Robin Salkeld et al. In WODA '11, Jul. 2011. |
| 16 | 4/27 | malware analysis | Eide | A Survey on Automated Dynamic Malware-Analysis Techniques and Tools. Manuel Egele et al. ACM Computing Surveys, 44(2), Feb. 2012. |
Upcoming and recent conference proceedings are good sources of papers for discussion. Below are links to some relevant conference series.