Below is the calendar for this course. This is the preliminary schedule, which will be altered as the quarter progresses. It is the responsibility of the students to check this web page frequently for changes to the schedule, readings, and assignments. As the professor, I will attempt to announce any change to the class, but this web page should be viewed as authoritative. If you have any questions, please contact me (contact information is available at the course homepage).

Columns: Date | Topic (slides, where posted) | Assignments due | Readings for discussion (do the readings before class)

03/31/25 | Introduction (Slides)
  Readings:
    - Course syllabus
    - Chapter 1 - Operating Systems Security

04/02/25 | Memory Errors (Slides)
  Due: Review: SoK: Eternal War...
  Readings:
    - SoK: Eternal War in Memory
    - CyBoK: Software Security, Section 1: Categories of Vulnerabilities, Frank Piessens.

04/07/25 | Limitations of Ordinary Operating Systems (Slides)
  Readings:
    - Chapter 4
    - Protection. Butler Lampson, Proc. 5th Princeton Conf. on Information Sciences and Systems, 1971.
    - Chapter 2: Why Systems Are Not Secure. Morrie Gasser, in Building a Secure Computer System, 1988.
    - CyBoK: Software Security, Sections 1 and 2, Herbert Bos.

04/09/25 | Security Principles (Slides)
  Due: Review: Lattice paper
  Readings:
    - Operating Systems Security, Chapter 2
    - Reference Monitor Concept, Trent Jaeger, Encyclopedia of Cryptography and Security, 2010.
    - R. Sandhu. Lattice-Based Access Control Models
    - Computer Security Archives Project, Matt Bishop.

04/14/25 | Multics (Slides)
  Readings:
    - Operating Systems Security, Chapter 3
    - CyBoK: Software Security, Section 3, Herbert Bos.
    - Introduction and Overview of the Multics System. F. J. Corbato and V. A. Vyssotsky, in Proceedings of the Fall Joint Computer Conference, 1965.
    - Multics Security Evaluation: Vulnerability Analysis. Paul Karger and Roger Schell, 1974.

04/16/25 | Linux Security Modules (Slides)
  Due: Project CVE/CWE
  Readings:
    - Operating Systems Security, Chapter 9
    - Linux Security Modules: General Security Support for the Linux Kernel. Chris Wright et al. In Proceedings of the 11th USENIX Security Symposium, August 2002.
    - Using CQUAL for Static Analysis of Authorization Hook Placement. Xiaolan Zhang, Antony Edwards, Trent Jaeger. In Proceedings of the 11th USENIX Security Symposium, August 2002.
    - E. Santini. Creating a Linux Security Module with Kprobes: Blocking Network of Targeted Processes.

04/21/25 | Software Hardening (Slides)
  Due: Review: Top of the Heap (NDSS 2022)
  Readings:
    - Dokyung Song et al. SoK: Sanitizing for Security. IEEE SP 2019.
    - Kaiming Huang et al. Top of the Heap: Efficient Memory Error Protection of Safe Heap Objects. ACM CCS 2024.
    - CyBoK: Software Security, Section 2: Prevention of Vulnerabilities, Frank Piessens.

04/23/25 | Integrity (Slides)
  Readings:
    - Operating Systems Security, Chapter 5
    - LOMAC: Low Water-Mark Integrity Protection for COTS Environments. Timothy Fraser. In Proceedings of the 2000 IEEE Symposium on Security and Privacy, 2000.
    - A Comparison of Commercial and Military Computer Security Policies. David D. Clark and David R. Wilson. In Proceedings of the 1987 IEEE Symposium on Security and Privacy, 1987.
    - Toward Automated Information-Flow Integrity Verification for Security-Critical Applications. Umesh Shankar, Trent Jaeger, and Reiner Sailer. In Proceedings of the 2006 Network and Distributed Systems Security Symposium, 2006.

04/28/25 | Isolation (Slides)
  Due: Review: HW Isolation (ATC 2024)
  Readings:
    - CyBoK: Software Security, Section 4, Herbert Bos.
    - Chen et al. Limitations and Opportunities of Modern Hardware Isolation Mechanisms. USENIX ATC 2024.
    - Z. Yedidia. Lightweight Fault Isolation: Practical, Efficient, and Secure Software Sandboxing. ASPLOS 2024.
    - A. Burtsev et al. Evolving Operating Systems Towards Secure Kernel-Driver Interfaces. HotOS 2024.

04/30/25 | SELinux (Slides)
  Readings:
    - Operating Systems Security, Chapter 8
    - Integrating Flexible Support for Security Policies into the Linux Operating System. Peter Loscocco and Stephen Smalley. In Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, 2001.
    - Brimhall et al. A Comparative Analysis of Linux Mandatory Access Control Policy Enforcement Mechanisms. EuroSec 2023.

05/05/25 | Extensions (Slides)
  Due: Review: SeaK paper (USENIX 2024)
  Readings:
    - Niclas Hedam. eBPF from a Programmer's Perspective. 2023.
    - Zicheng Wang et al. SeaK: Rethinking the Design of a Secure Allocator for OS Kernel. USENIX Security 2024.
    - Kaiming Huang et al. SoK: Challenges and Paths Toward Memory Safety for eBPF. 2025.
    - eBPF Research Papers

05/07/25 | File System Security (Slides)
  Readings:
    - The Confused Deputy (or why capabilities might have been invented). Norm Hardy. Operating Systems Review, pp. 36-38, Oct. 1988.
    - JIGSAW: Protecting Resource Access by Inferring Programmer Expectations. Hayawardh Vijayakumar, Xinyang Ge, Mathias Payer, and Trent Jaeger. 23rd USENIX Security Symposium, 2014.
    - Aditya Basu et al. Unsafe at Any Copy: Name Collisions from Mixing Case Sensitivities. USENIX FAST 2023.

05/12/25 | Android Security (Slides)
  Due: Review: Silver Spoon (SP 2025)
  Readings:
    - CyBoK: Web and Mobile Security. See Android references, Sascha Fahl.
    - Yu-Tsung Lee et al. PolyScope: Multi-Policy Access Control Analysis to Triage Android Scoped Storage. IEEE TDSC, 2023.
    - Yu-Tsung Lee et al. Static Detection of Filesystem Vulnerabilities in Android Systems. arXiv, 2024.
    - Wang et al. Born with a Silver Spoon: On the (In)Security of Native Granted App Privileges in Custom Android ROMs. IEEE SP 2025.

05/14/25 | Travel - No class

05/19/25 | System Information Flow Control (Slides)
  Readings:
    - Information Flow Control for Standard OS Abstractions. Maxwell Krohn et al. In Proceedings of the ACM Symposium on Operating Systems Principles, 2007.

05/21/25 | Hardening Operating Systems
  Readings:
    - CyBoK: Software Security, Section 5, Herbert Bos.
    - SoK: Back to the Future - Towards Secure Operating Systems. Gernot Heiser, Kevin Elphinstone, Trent Jaeger. Draft, sent via Canvas.

05/26/25 | Memorial Day - No class

05/28/25 | Course Exam - in class

06/02/25 | Future of Systems Security (Slides)
  Readings:
    - DATS: Data-centric Mandatory Access Control on Web Applications. Lluis Vilanova, Casen Hunger, Charalampos Papamanthou, Yoav Etsion, Mohit Tiwari. In Proceedings of Architectural Support for Programming Languages and Operating Systems (ASPLOS), March 2018.
    - Rahul George et al. OptiSan: Using Multiple Spatial Error Defenses to Optimize Stack Memory Protection within a Budget. USENIX Security 2024.

06/04/25 | Project Presentations
  Due: Project Presentations - 6/4/2025

06/09/25 | Course Project