CS 858: Selected Topics in Systems Security — Winter 2021
| Course Staff | N. Asokan (instructor) | Hans Liljestrand (expert) |
| nasokan@uwaterloo.ca | hans.liljestrand@uwaterloo.ca | |
| Seminar times (tentative) | Tuesdays, 2:30–4:00 pm | |
| Virtual Drop-In Hours | Thursdays, 2:30–3:30 pm, or by appointment | |
Suggested Reading List
Overview
Software systems written in memory-unsafe languages like C and C++ are pervasive. Their lack of memory safety leaves them vulnerable to various types of run-time attacks. In this graduate seminar, students will explore the state-of-the-art in run-time attacks and defenses.
Course Description
This synchronous seminar will take place within the Course Teams team. The seminar will primarily consist of reading, analyzing, presenting, and discussing research papers. There will be two papers assigned to each class period.
All students are required to read both of the papers before the class, and to submit a short (~1 page) analysis of each paper. Each paper will have a presenter and a discussion leader assigned to it. Each paper will have a dedicated channel in the Course Teams team. All activities related to a paper will take place in the corresponding paper channel.
The presenter will do a 20-minute presentation summarizing the paper and identifying at least three discussion questions. The discussion leader will also (independently) prepare at least three discussion questions. After each paper presentation, there will be a synchronous discussion session led by the discussion leader. The discussion can then continue asynchronously on the paper channel in the Course Teams team until the end of the next day. The discussion leader will write up and submit a summary of the discussion by the end of the week.
Guidance for participants (preparing paper summaries, participating in the discussion), presenter (preparing and delivering the paper presentation), and discussion leader (leading and summarizing the discussion) can be found on the Course Teams team.
Presenters will pre-record their presentations, upload it to Stream (login using your UW credentials to upload), and send the link to the course instructor on the Course Teams team. They will also upload a copy of their slides on the Course CrowdMark site
Students should stick to the following schedule:- Presenters will upload their presentation slides (on CrowdMark) and the pre-recorded presentation video (on Stream) by 5:00 pm on the day before the presentaion. The first page of your presentation slide must include the link to your uploaded video.
- Discussion leaders will submit (on CrowdMark) their set of (at least three) discussion questions by 5:00 pm on the day before the presentation (usually Mondays). They will submit the discussion summary report (on CrowdMark) by 5:00 pm three days after the day of the presentation (usually Fridays).
- Other participants will submit their summary of the paper (on CrowdMark) by 5:00 pm on the day before the presentation.
Signup for papers: There is a Signup sheet in the Course Teams team which lists the dates on which each paper in the reading list is to be presented and discussed. Each student is required to sign up, by 5:00 pm on Thursday, January 14 for one paper as the presenter and another paper as the discussion leader. Sign-up is done on a first-come-first-serve basis.
If we do not have enough students present and lead discussion on all the listed papers, we will extend the signup so that students can bid to present or lead discussion an additional paper for an extra credit.
Note that all times for this course are specified in Eastern Time (the timezone of Waterloo and Toronto).
Projects
Students will work in groups of 2–3 on an original research project on a systems security topic, preferably related to run-time attacks and defenses. Each group will submit a proposal and the optional team charter (on CrowdMark) no later than 4 Feb at 5:00 pm. Students are strongly encouraged to briefly discuss their project idea with the instructor well in advance of this deadline. The project will typically involve developing or analyzing a software artifact. In some cases, the project can also be an extensive and thorough systematization of knowledge activity (comprehensive survey and synthesis). Near the end of term, time permitting, the groups will get the chance present their work to the class in a brief conference-style presentation. In addition, by 14 Apr at 5:00 pm they will produce and submit (on CrowdMark) a workshop-quality paper, 8–10 pages in length in standard ACM conference style format describing their artifact and project. The paper should include a contribution paragraph where the contribution of each group member is clearly outlined. It should also include a link to the software project repository (where applicable).
Grading
Grades for this seminar will be calculated as follows:
| 15% | Paper presentations |
| 15% | Leading discussions |
| 10% | Paper summaries |
| 10% | Participation in paper discussions |
| 50% | Project |
| 7.5% (tentative) | Extra credit for volunteering to present or lead discussion on an additional paper (if needed) |
Late policy: Late submission of a deliverable will be docked 10% of the marks for that deliverable, up to three days. No marks will be awarded for deliverables that are delayed by more than three days.
To provide some workload flexibility, only your top 12 paper summaries and top 12 discussion contributions will count towards your final grade.
The instructor reserves the right to alter your final project grade to reflect your contributions, as per your submitted group contracts.
Asynchronous Accommodations
If you cannot attend synchronous class sessions, please let us know in advance (within the first two weeks of the course) and we will provide an opportunity for you to shift the weighting of your class participation mark towards forum participation. All other grade components will remain unchanged.
Academic Integrity
Note that students are not generally permitted to submit the same work for credit in multiple classes. For example, if a student has reviewed or presented one of the papers in another seminar class, he or she should avoid reviewing or presenting it again for this class.
The general university policy:
Academic Integrity: In order to maintain a culture of academic integrity, members of the University of Waterloo community are expected to promote honesty, trust, fairness, respect and responsibility. Check the Office of Academic Integrity's website for more information.
All members of the UW community are expected to hold to the highest standard of academic integrity in their studies, teaching, and research. This site explains why academic integrity is important and how students can avoid academic misconduct. It also identifies resources available on campus for students and faculty to help achieve academic integrity in — and out — of the classroom.
Grievance: A student who believes that a decision affecting some aspect of his/her university life has been unfair or unreasonable may have grounds for initiating a grievance. Read Policy 70 — Student Petitions and Grievances, Section 4. When in doubt please be certain to contact the department's administrative assistant who will provide further assistance.
Discipline: A student is expected to know what constitutes academic integrity, to avoid committing academic offenses, and to take responsibility for his/her actions. Check the Office of Academic Integrity for more information. A student who is unsure whether an action constitutes an offense, or who needs help in learning how to avoid offenses (e.g., plagiarism, cheating) or about "rules" for group work/collaboration should seek guidance from the course professor, academic advisor, or the Undergraduate Associate Dean. For information on categories of offenses and types of penalties, students should refer to Policy 71 — Student Discipline. For typical penalties, check Guidelines for the Assessment of Penalties.
Avoiding Academic Offenses: Most students are unaware of the line between acceptable and unacceptable academic behaviour, especially when discussing assignments with classmates and using the work of other students. For information on commonly misunderstood academic offenses and how to avoid them, students should refer to the Office of Academic Integrity's site on Academic Misconduct and the Faculty of Mathematics Cheating and Student Academic Discipline Policy.
Appeals: A decision made or penalty imposed under Policy 70, Student Petitions and Grievances (other than a petition) or Policy 71, Student Discipline may be appealed if there is a ground. A student who believes he/she has a ground for an appeal should refer to Policy 72, Student Appeals.
Note for Students with Disabilities
AccessAbility Services, located in Needles Hall, Room 1401, collaborates with all academic departments to arrange appropriate accommodations for students with disabilities without compromising the academic integrity of the curriculum. If you require academic accommodations to lessen the impact of your disability, please register with AccessAbility at the beginning of each academic term.
Coronavirus Information and Resources
- Library COVID-19: Updates on library services and operations
- Coronavirus Information for Students This resource provides updated information on COVID-19 and guidance for accommodations due to COVID-19.
Mental Health Support
All of us need a support system. We encourage you to seek out mental health supports when they are needed. Please reach out to Campus Wellness and Counselling Services.
We understand that these circumstances can be troubling, and you may need to speak with someone for emotional support. Good2Talk is a post-secondary student helpline based in Ontario, Canada that is available to all students.
Territorial Acknowledgement
We acknowledge that we live and work on the traditional territory of the Attawandaron (Neutral), Anishinaabeg, and Haudenosaunee peoples. The University of Waterloo is situated on the Haldimand Tract, the land promised to the Six Nations that includes ten kilometres on each side of the Grand River.