Program Analysis for Security (Mastervorlesung)

Overview

The lecture Program Analysis for Security covers topics on the theory and application of formal analysis techniques to low-level programs, as they are common in many security applications, from malware detection, forensic analysis, to vulnerability discovery and exploitation. The lecture curriculum consists of parts: binary analysis, static analysis, and dynamic analysis.

Teaching Staff

• Prof. Dr. Johannes Kinder
• Moritz Dannehl
• Matías Gobbi
• Oliver Braunsdorf

Prerequisites and Format

The course consists of three hours of lecture and two hours of exercises every week, both will be held in English. There are no formal prerequisites for the course, although prior knowledge of core operating systems concepts and foundational discrete mathematics, esp. lattices (Verband in German) will be helpful.

Time and Location

Lecture: Friday, 13:00–16:00, Richard-Wagner-Str. 10 / D 105 (from 18 October 2024)

Exercises: Monday, 14:00–16:00, Geschw.-Scholl-Pl. 1 (M) Raum M 101 (from 21 October 2024)

Exam

There will be a final exam, with the date announced in due course.

Topics

Analyzing Binaries

• Executable Files
• x86-64 Assembly
• Disassembly
• Decompilation
• Debugging

Static Analysis

• Lattices and fixpoints, classic dataflow analysis
• Interval analysis
• Interprocedural analysis
• Binary control flow
• Pointer analysis

Dynamic Analysis

• Fuzzing
• Testing for memory safety
• Dynamic binary instrumentation
• Dynamic taint analysis
• Symbolic Execution