Presentation is loading. Please wait.

Presentation is loading. Please wait.

Program Analysis and Software Security

Published byHeather Porter Modified over 6 years ago

Similar presentations

Presentation on theme: "Program Analysis and Software Security"— Presentation transcript:

1 Program Analysis and Software Security
SE is a field that people has less understanding and thus highly challenging, but high pay-off, broad impact, an Professor Xiangyu Zhang 2017 Dragon Star Nanjing University

2 Computer Science 58 Graduate Faculty: 270 Graduate Students
Purdue CS ranks the 20th in the latest US News ranking CS ranks the 2nd in Purdue provost’s top 10 priority list 58 Graduate Faculty: 29 Full Professors 9 Associate Professors 20 Assistant Professors 270 Graduate Students 16% Women 74% International Students 2

3 Research It’s Happening Here! Big Data (*) Biological Databases
Data Mining and Machine Learning (*) Distributed Systems Embedded Systems Information Retrieval Information Visualization Networking Operating System and Virtualization Programming Languages, Compilers and Software Engineering (*) Security (*) Scientific Computing and Parallelization (*) Theory (*) 5

4 CS Degrees Awarded in 59 M.S. 15 Ph.D.

5 Financial Support Fall 2016
118 Graduate RAs in CS 98 Graduate TAs in CS 17 Graduate Fellows

6 West Lafayette Campus

7 Location in West Lafayette, Indiana on the Wabash River
across from Lafayette 122 miles SE of Chicago 65 miles NW of Indianapolis

8 Admission Criteria CS course background GPA Letters of recommendation
Research experience and publications Statement of purpose GRE NOT required We accept applications any time, even though the deadline is 12/15

9 Instructor Research interest My research group
Program analysis and security New direction CPS security AI security My research group 14 current PhDs 10 former students Faculty in Georgia Tech, Ohio State, U of Georgia, Simon Fraser University Apple, Google, IBM, and Intel Founder of Sensorhound Best paper awards

10 This Course Program analysis (in the context of identifying security vulnerabilities and defending security attacks)

11 Software Security CIA Confidentiality Integrity Authentication
E.g., information leak Integrity E.g. control flow hijacking, ROP attacks Authentication E.g., component hijacking

12 Code Attacks

13 Need For Program Analysis
A software related vulnerability is essentially a bug in the software Identification Defending software oriented attacks Software transformation

14 Various Kinds of Program Analysis
Dynamic Static Symbolic Model checking Probabilistic (?) 1. int * p( ); int buf[16]; Int x,y; p= foo; input(x,y); y=0; if (x>5) y=x+3 if (y<25) buf[x]=y; (*p)( ); Int foo( ) {…}

15 Learning Objectives Hands-on experience
Project 1: Collecting memory access trace using Valgrind Project 2: Provenance tracking (2 options) Project 3: Equivalence checking Understand the various state-of-the-art analysis approaches Design and formulate program analysis Given a hack, how do we formulate it as a analysis problem How do we prove its correctness

16 Logistics Morning Afternoon Evening – independent study
09:30 – 10:20 (lecture I) 10:20 – 10:30 (break) 10:30 – 11:10 (lecture II) 11:10 – 11:20 (break) 11:20 – 12:00 (lecture III) Afternoon 1:30 – 2:10 (lecture IV) 2:10 – 2:20 (break) 2:20 – 3:00 (lecture V / in-class exercise) 3:00 – 3:20 (break) 3:20 – 4:20 (discussion) 4:20 – 4:30 (break) 4:30 – 6:00 (course project) Evening – independent study

17 Discussion Session Introduce yourself
Talk about your research and your group 3 min per individual presentation 5 min per group presentation Try to represent each school (Let’s create a wechat group: xiangyu-zhang2015)

18 Teaching Assistant Zhilong Wang Weiping Zhou Jinshan Ouyang Jun Zhu

19 Useful Textbooks Alfred V. Aho, Monical S. Lam, Ravi Sethi, Jeffrey D. Ullman, Compilers Principles, Techniques, & Tools. Aaron R. Bradley, Zohar Manna, The Calculus of Computation.

Download ppt "Program Analysis and Software Security"

Similar presentations

Toward Better Research: Cross-Threads Nick Feamster, Alex Gray, Charles Isbell College of Computing Georgia Tech.

Toward Better Research: Cross-Threads Nick Feamster, Alex Gray, Charles Isbell College of Computing Georgia Tech.
E-Science Data Information and Knowledge Transformation Thoughts on Education and Training for E-Science Based on edikt project experience Dr. Denise Ecklund.

E-Science Data Information and Knowledge Transformation Thoughts on Education and Training for E-Science Based on edikt project experience Dr. Denise Ecklund.
Course Outline Traditional Static Program Analysis Software Testing

Course Outline Traditional Static Program Analysis Software Testing
UNIVERSITY OF SOUTH CAROLINA Department of Computer Science and Engineering CSCE 531 Compiler Construction Final Lecture of the Semester Spring 2010 Marco.

UNIVERSITY OF SOUTH CAROLINA Department of Computer Science and Engineering CSCE 531 Compiler Construction Final Lecture of the Semester Spring 2010 Marco.
1 Undergraduate Curriculum Revision Department of Computer Science February 10, 2010.

1 Undergraduate Curriculum Revision Department of Computer Science February 10, 2010.
Compiler Construction by Muhammad Bilal Zafar (AP)

Compiler Construction by Muhammad Bilal Zafar (AP)
Graduate Admissions and Enrollment Management Maureen Kilroy, Assistant Dean Office of Graduate Studies and Research Georgia Institute of Technology.

Graduate Admissions and Enrollment Management Maureen Kilroy, Assistant Dean Office of Graduate Studies and Research Georgia Institute of Technology.
Computer Science Club Seminar Opportunities after graduation: Master’s degree? Dr. Vasil Hnatyshin Fall 2010.

Computer Science Club Seminar Opportunities after graduation: Master’s degree? Dr. Vasil Hnatyshin Fall 2010.
MS DB Proposal Scott Canaan B. Thomas Golisano College of Computing & Information Sciences.

MS DB Proposal Scott Canaan B. Thomas Golisano College of Computing & Information Sciences.
Purdue University Pag. 1 CS 397 Dongyan Xu Department of Computer Science and CERIAS Purdue University Office:

Purdue University Pag. 1 CS 397 Dongyan Xu Department of Computer Science and CERIAS Purdue University Office:
Carnegie Mellon University Computer Science Foundations for Ph.D. Students The Carnegie Mellon Perspective Computer Science Foundations for Ph.D. Students.

Carnegie Mellon University Computer Science Foundations for Ph.D. Students The Carnegie Mellon Perspective Computer Science Foundations for Ph.D. Students.
CSC 171 – FALL 2004 COMPUTER PROGRAMMING LECTURE 0 ADMINISTRATION.

CSC 171 – FALL 2004 COMPUTER PROGRAMMING LECTURE 0 ADMINISTRATION.
1. Familiar facts: Everyone knows that developments in hardware and software technology have had and will have tremendous impacts on all our lives, in.

1. Familiar facts: Everyone knows that developments in hardware and software technology have had and will have tremendous impacts on all our lives, in.
Instuctor Background Instructor: Michael J. McCarthy Associate Teaching Professor of Information Systems at Carnegie Mellon University from 1999 until.

Instuctor Background Instructor: Michael J. McCarthy Associate Teaching Professor of Information Systems at Carnegie Mellon University from 1999 until.
The Indiana University School of Informatics Bobby Schnabel: Dean, Indiana University School of Informatics Presented by Geoffrey Fox: Associate Dean for.

The Indiana University School of Informatics Bobby Schnabel: Dean, Indiana University School of Informatics Presented by Geoffrey Fox: Associate Dean for.
Marketing Information Systems: course syllabus

Marketing Information Systems: course syllabus
The Indiana University School of Informatics Bobby Schnabel: Dean, Indiana University School of Informatics Presented by Geoffrey Fox: Associate Dean for.

The Indiana University School of Informatics Bobby Schnabel: Dean, Indiana University School of Informatics Presented by Geoffrey Fox: Associate Dean for.
Computer Science Graduate Programs at UTSA Dr. Weining Zhang.

Computer Science Graduate Programs at UTSA Dr. Weining Zhang.
The Erik Jonsson School of Engineering and Computer Science Ph.D. in CS/SE at UTD Balaji Raghavachari Department of Computer Science University of Texas.

The Erik Jonsson School of Engineering and Computer Science Ph.D. in CS/SE at UTD Balaji Raghavachari Department of Computer Science University of Texas.
Graduate Programs in Dept of Computer Science Univ. of Texas at San Antonio Dr. Weining Zhang.

Graduate Programs in Dept of Computer Science Univ. of Texas at San Antonio Dr. Weining Zhang.

Similar presentations

Ads by Google