1
Program Analysis and Software Security
SE is a field that people have less understanding of and is thus highly challenging, but with high pay-off, broad impact, an
Professor Xiangyu Zhang
2017 Dragon Star, Nanjing University
2
Computer Science
Purdue CS ranks 20th in the latest US News ranking
CS ranks 2nd in Purdue provost’s top 10 priority list
58 Graduate Faculty: 29 Full Professors, 9 Associate Professors, 20 Assistant Professors
270 Graduate Students: 16% Women, 74% International Students
3
Research It’s Happening Here!
Big Data (*)
Biological Databases
Data Mining and Machine Learning (*)
Distributed Systems
Embedded Systems
Information Retrieval
Information Visualization
Networking
Operating System and Virtualization
Programming Languages, Compilers and Software Engineering (*)
Security (*)
Scientific Computing and Parallelization (*)
Theory (*)
4
CS Degrees Awarded in 59 M.S. 15 Ph.D.
5
Financial Support Fall 2016
118 Graduate RAs in CS 98 Graduate TAs in CS 17 Graduate Fellows
6
West Lafayette Campus
7
Location
In West Lafayette, Indiana, on the Wabash River across from Lafayette
122 miles SE of Chicago
65 miles NW of Indianapolis
8
Admission Criteria
CS course background
GPA
Letters of recommendation
Research experience and publications
Statement of purpose
GRE NOT required
We accept applications any time, even though the deadline is 12/15
9
Instructor
Research interest
  Program analysis and security
  New direction: CPS security, AI security
My research group
  14 current PhDs
  10 former students
  Faculty in Georgia Tech, Ohio State, U of Georgia, Simon Fraser University
  Apple, Google, IBM, and Intel
  Founder of Sensorhound
  Best paper awards
10
This Course Program analysis (in the context of identifying security vulnerabilities and defending security attacks)
11
Software Security
CIA
Confidentiality: e.g., information leak
Integrity: e.g., control flow hijacking, ROP attacks
Authentication: e.g., component hijacking
12
Code Attacks
13
Need For Program Analysis
A software-related vulnerability is essentially a bug in the software
  Identification
Defending against software-oriented attacks
  Software transformation
14
Various Kinds of Program Analysis
Dynamic
Static
Symbolic
Model checking
Probabilistic (?)

    int (*p)();      /* function pointer */
    int buf[16];
    int x, y;
    p = foo;
    input(x, y);     /* x and y come from external input */
    y = 0;
    if (x > 5)
        y = x + 3;
    if (y < 25)
        buf[x] = y;
    (*p)();
    int foo() {…}
15
Learning Objectives
Hands-on experience
  Project 1: Collecting memory access trace using Valgrind
  Project 2: Provenance tracking (2 options)
  Project 3: Equivalence checking
Understand the various state-of-the-art analysis approaches
Design and formulate program analysis
  Given a hack, how do we formulate it as an analysis problem?
  How do we prove its correctness?
16
Logistics
Morning
  09:30 – 10:20 (lecture I)
  10:20 – 10:30 (break)
  10:30 – 11:10 (lecture II)
  11:10 – 11:20 (break)
  11:20 – 12:00 (lecture III)
Afternoon
  1:30 – 2:10 (lecture IV)
  2:10 – 2:20 (break)
  2:20 – 3:00 (lecture V / in-class exercise)
  3:00 – 3:20 (break)
  3:20 – 4:20 (discussion)
  4:20 – 4:30 (break)
  4:30 – 6:00 (course project)
Evening – independent study
17
Discussion Session
Introduce yourself
Talk about your research and your group
3 min per individual presentation
5 min per group presentation
Try to represent each school
(Let’s create a WeChat group: xiangyu-zhang2015)
18
Teaching Assistant
Zhilong Wang, Weiping Zhou, Jinshan Ouyang, Jun Zhu
19
Useful Textbooks
Alfred V. Aho, Monica S. Lam, Ravi Sethi, Jeffrey D. Ullman, Compilers: Principles, Techniques, & Tools.
Aaron R. Bradley, Zohar Manna, The Calculus of Computation.