I know you guys have been eager to see the next assignment. Here it goes – assignment 2 is posted. The deadline is still 2 weeks. This assignment involves Linux kernel hacking and hands-on experience with LSM modules. I was thinking about the kernel module approach then I realized that you guys would miss a good opportunity to do some real kernel hacking. Meanwhile, I also consider the fact that it might be your first time hacking the Linux kernel. There are 3 different parts within this assignment, each of which is built upon on each other. The bottom line is I hope everyone can get the 1st part done to get the 50% points. If you push harder (or want more fun), the 2nd part is definitely doable as well. The 3rd part will also be within your research once you have finished the first two parts.
It is possible that this assignment will be our last one (I hope now and I am still planning for another one involving Intel SGX and ARM TrustZone). If that is the case, I will make sure these two assignments take enough portion of points in the final grading.
Remember: if you get stuck somewhere, use google, find friends, talk with your classmates, or even ask questions in/out-side the class. Linux kernel hacking is not rocket science but it definitely takes some time to get started if it is totally new to you. Start this assignment ASAP if possible.
Let’s have our “midterm” this Wed (10/30) before ghosts start to haunt. Everyone should have 15 min in total: 10~12 min presentations about your final project + 3~5 min Q&A. I will give a score based on the “technical merit” of the final project, the quality of your presentation, and your progress of the final project.
For the presentation, you could consider including slides for the technical area, the problem that you are trying to solve, the security model of your approach (again, what is a security model?), your methodology, design, implementation, evaluation, progress, and etc. Make sure you are able to make your audience understand how cool your final project is while demonstrating enough technical depth.
For the presentation, you could use the machine in our classroom, bring your own laptop, or even use my laptop (please let me know ahead of time if this is the case). Look forward to seeing cool projects from you guys~
I’ve finished the grading for Assignment-1 on Blackboard. I assume you could see your score within the system now. If your score does not look right, please let me know. Happy Oct break!
In later Oct or early Nov, we will have our midterms. At this point, everyone should have started their final project and have some progress to report. I’m looking forward to hearing about these cool projects!
As mentioned, I will be traveling for the whole week next week. Prof. Antonio Bianchi will give a guest lecture on Android security model (e.g., Permission model) on Mon. Please be there and have fun. You could find more fun if you apply the things we have learned so far (e.g., Reference monitor concept) to Android security.
For the class on Wed, there is no need to show up in the class. Instead, please watch an awesome talk from Uncle Ahmad on TEE. Assignment 3 will be some TEE hands-on involving both Intel SGX and ARM TrustZone. Happy weekend~
I have been told, I quote, “Fall 2019 CS 59000 Operating System Security course has been approved for inclusion on an MS or PhD plan of study per the grad chair.”, and “Your course may still be added by students thru October 22nd, if desired.”
As the title, please check out Assignment 1 on the blog. Like we mentioned before, the deadline is in 2 weeks.
I have uploaded the slides of the first 2 weeks into the Blackboard system. If they are still not available, please let me know. Also, please keep these slides by yourself instead sharing them publicly (e.g., via github).