Overview
Students taking the security quals are required to read the following list of books and papers. The qual is a 30-minute oral exam in which topics from this reading list will be discussed. Please contact Dan Boneh to schedule the exam.
Papers
- (State of) The Art of War: Offensive Techniques in Binary Analysis, Y. Shoshitaishvili, R. Wang, C. Salls, N. Stephens, M. Polino, A. Dutcher, J. Grosen, S. Feng, C. Hauser, C. Kruegel, and G. Vigna, 2016
- Inside the slammer worm, D. Moore, V. Paxson, S. Savage, C. Shannon, S. Staniford, N. Weaver, IEEE Security and Privacy, 4(1), July 2003, pp. 33-39.
- Return-Oriented Programming: Systems, Languages, and Applications, R. Roemer, E. Buchanan, H. Shacham, and S. Savage. ACM Trans. Info. & Sys. Security 15(1):2, Mar. 2012
- Deep Packer Inspection: A Longitudinal Study of the Complexity of Run-Time Packers, X. Ugarte-Pedrero, D. Balzarotti, I. Santos Grueiro, P. Garcia Bringas, 2015
- Processor security: Spectre Attacks: Exploiting Speculative Execution, Paul Kocher, et al., 2019
- Control-flow integrity principles, implementations, and applications, M. Abadi, M. Budiu, U. Erlingsson, J. Ligatti. ACM Transactions on Information and System Security 13: 1, 2009
- Eternal War in Memory, Laszlo Szekeres, Mathias Payer, Tao Wei, Dawn Song, 2013
- Using Programmer-Written Compiler Extensions to Catch Security Holes, Ken Ashcraft, Dawson Engler, in IEEE Security and Privacy 2002.
- All You Ever Wanted to Know About Dynamic Taint Analysis and Forward Symbolic Execution, E. Schwartz, T. Avgerinos, D. Brumley, 2010
- System call interposition and seccomp
- Ron Rivest, Cryptography. Handbook of Theoretical Computer Science, Volume A, pp. 717-755
- A look back at Security Problems in the TCP/IP Protocol Suite, S. Bellovin, ACSAC 2004.
- Paxson, Bro: A System for Detecting Network Intruders in Real-Time. Proc. 7th USENIX Security Symposium, San Antonio, TX, January 1998.
- A survey of BGP security, K. Butler, T. Farley, P. McDaniel, and J. Rexford.
- Reflections on Trusting Trust, K. Thompson, Communications of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763.
- Efficient Software-Based Fault Isolation, R. Wahbe, S. Lucco, T. Anderson and S. Graham, ACM SIGOPS Operating Systems Review, Vol 27, No 5, Dec 1993, pp 203-216.
A Few Classics
Last updated: 5/2017