Registration for this course is open until Tuesday, 31.12.2024 23:59.

News

Next Seminar on 22.11.2023

Written on 16.11.23 (last change on 27.11.23) by Mang Zhao

Dear All,


The next seminar(s) take place on 22.11.2023 at 14:00 (Session A) and 14:00 (Session B).


Session A: (14:00-15:00)
Matteo Leonelli

https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09

Meeting-ID: 967 8620 5841
Passcode: BT!u5=

 

Session B: (14:00-15:30)

Moritz Wilhelm, Justin Steuer, Vinay Tilwani

https://cispa-de.zoom-x.de/j/67589187585?pwd=R0NTMWx5M1lNa0JWdk1GY3BWR21wUT09

 

Session A:

14:00 - 14:30

Speaker: Matteo Leonelli
Type of talk: Master Intro
Advisor: Thorsten Holz, Ali Abbasi
Title: Coverage Guidance by Proxy for Differential Fuzzing of Video Accelerators
Research Area: RA3


Abstract:

Today, video encoders and decoders implemented in hardware are integral to our daily lives through the internet, media, and social networks.

The interaction between software and hardware in decoding videos involves hardware accelerators that interface with drivers, facilitating the use of privileged software and hardware components. This interplay introduces the potential for functional disparities and security vulnerabilities due to the black box, obscure, and complex nature of hardware that makes testing difficult. In contrast, the software decoding process is white box, testable, and only presents intuitive scenarios, though implemented entirely differently.

Like other testing fields, hardware security research struggles with defining efficient test oracles. In the context of our research, we aim to design a methodology to assess the behavior of hardware components, specifically video hardware accelerators. This tool leverages coverage of the software implementation as a proxy for the state of the decoding process, allowing for the inference of hardware coverage and the ability to uncover potential non-deterministic or incorrect behavior in the hardware components. Our approach employs a fuzz testing strategy to identify hardware and software bugs, effectively tracing hardware behaviors through software metrics. We demonstrate the applicability of this approach through a case study involving video hardware accelerators, testing the complete hardware acceleration stack against the software implementation. Importantly, this methodology holds promise for various scenarios where hardware implementations exhibit determinism and have analogous software implementations for testing functional correctness and performing lower-level security assessments.

 

Session B:

14:00 - 14:30

Speaker: Moritz Wilhelm
Type of talk: Master Final
Advisor: Ben Stock, Giancarlo Pellegrino
Title: A Song of Trust and Archives: Assessing the Dependability of Web Archives for Reproducible Web Security Measurements
Research Area: RA5: Empirical and Behavioural Security

Abstract:
In recent years, the research community has recognized the growing significance of artifact evaluation. Nonetheless, the ever-changing and unpredictable nature of the Web continues to present an unresolved challenge for achieving reproducible web measurements. This thesis explores the potential of public web archives, with a particular focus on the Internet Archive, in addressing this persistent issue.

Our analysis involves a comprehensive evaluation of the reliability of data sourced from the Internet Archive. We first conduct a longitudinal analysis spanning 7.5 years, ranging from 2016 to the present, to assess the extent of historical data coverage within the Internet Archive. While previous research has heavily relied on the Internet Archive to conduct historical web measurements, this reliance has largely been rooted in trust. To assess the validity of this trust, we evaluate the consistency of data stored in the Internet Archive via two case studies. Specifically, we analyze the prevalence of both syntactic and semantic differences in security header configurations, as well as variations in third-party JavaScript dependencies among Internet Archive snapshots that are in close temporal proximity. Finally, we explore the feasibility of leveraging the Internet Archive to simulate live web security measurements, thereby addressing the challenge of replicability in such studies.

Our findings affirm that the Internet Archive offers an extensive and densely populated repository of archival snapshots, highlighting its dependability for web measurements. However, we detect subtle pitfalls when conducting archive-based measurements and offer effective strategies for mitigation, including the concept of snapshot neighborhoods. Furthermore, we present a series of best practices tailored for future archive-based web measurements. In conclusion, we determine that the Internet Archive provides a reliable foundation for conducting reproducible web measurements.

 

14:30 - 15:00

Speaker: Justin Steuer
Type of talk: Bachelor Final
Advisor: Dominic Steinhöfel
Title: Constraint-Aware Parsing
Research Area: RA5: Empirical and Behavioural Security

Abstract:

Parsing is an integral tool of software development for disassembling input and checking it for correctness. 
However, parsers that solely rely on context-free grammars, while versatile, can only check input for syntactic validity and cannot verify context-sensitive properties. 
ISLa, a declarative specification language for context-sensitive properties, enables users to specify context-sensitive constraints 
on top of a context-free grammar that each valid string must satisfy. 
ISLa can not only produce valid inputs but can also check for a specified string whether it fulfills all given constraints. 
While this feature is functional, it is not optimal in the way that it is implemented, since it first parses the string through a parser for context-free grammars 
(thus verifying its syntactic correctness) and only then verifies its semantic correctness afterward. 
This can be quite inefficient when a lot of inputs have to be verified since each input needs to be fully parsed regardless of whether it fulfills the semantic requirements or not.

This talk introduces the concept of Constraint-Aware Parsing, which aims to build upon Parsimonious, a Python-based parser for Parsing Expression Grammars, 
and give it additional functionality to verify context-sensitive constraints alongside the traditional parsing process and extend it into a so-called 'Constraint Parser'. 
Furthermore, an implementation of a Constraint Parser based on an Earley Parser will be discussed together with the challenges that come with implementing 
such a parser and how this theoretical parser could come with the advantage of being able to use constraints to resolve ambiguity while parsing, 
which can make parsing with ambiguous grammars much more efficient compared to the standard Earley Parser, which creates a parse forest to handle ambiguity.

 

15:00 - 15:30


Speaker: Vinay Tilwani
Type of talk: Master Final
Advisor: Prof. Dr. Andreas Zeller, Jan Reineke
Title: Fuzzing LLVM bitcode using FormatFuzzer
Research Area: RA3


Abstract: The LLVM project and its tools are used to power the compilers of many popular programming languages - C, Rust, Swift, etc. A bug in one of the LLVM tools might create a hard-to-debug bug or vulnerability in programs compiled using these compilers. This entails that LLVM tools are critical pieces of software infrastructure and should be thoroughly tested. Due to the complexity of the input space of these tools, traditional software testing techniques are inadequate, and an automated, random, exploratory approach of Software Fuzzing is much more suitable. We use an in-house binary-based fuzzer FormatFuzzer to fuzz inputs to the most critical LLVM tools and show our results here. In a unique endeavour, we present the results of directly fuzzing a complex format like bitcode to uncover bugs, while also illustrating the applicability of FormatFuzzer in a new domain.

Correction Regarding the Date of the Next Seminar

Written on 06.11.23 by Mang Zhao

Dear All,

 

Please note that the next seminar will take place on 08.11.2023 at 14:00.

 

We apologize for the typos in the previous message.

 

Best wishes,

Mang

 

Next Seminar on 08.11.2023 (Updated)

Written on 03.11.23 (last change on 06.11.23) by Mang Zhao

Dear All,


The next seminar(s) take place on 08.11.2023 at 14:00 (Session A). Please note that there is only one session.


Session A: (14:00-15:30)
Heyang Li, Sohom Mukherjee, Nils Hagen

https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09

Meeting-ID: 967 8620 5841
Passcode: BT!u5=

 

Session A:

14:00 - 14:30

Speaker: Heyang Li
Type of talk: Master Intro
Advisor: Prof. Dr. Andreas Zeller, Fengming Zhu
Title: Monitoring System Invariants
Research Area: Threat Detection and Defenses

Abstract: 
How can we detect complex anomalies in log-based systems? Monitoring can detect abnormal behaviors using formal specifications, but
we lack an expressive specification language to describe the behaviors of log-based systems. The behaviors of log-based systems can 
be abstracted as temporal context-sensitive properties, involving the interplay of syntax, semantics and high-level temporal properties.  
System invariants is a novel model for characterizing context-sensitive structures over context-free grammars. It is based on ISLa, the 
state-of-the-art specification language for context-sensitive properties. Linear temporal logic and its first-order variants are widely 
used for high-level temporal properties. However, the expressiveness of system invariants and temporal logic are disjoint. 
    
This thesis aims to propose a new approach to monitor temporal context-sensitive properties based on system invariants. Firstly, I am 
going to extend the formal model of system invariants to express temporal properties. And then I am going to design and implement monitoring 
algorithms for system invariants. Furthermore, I will attempt to have the monitor mine the characterization of errors if the monitor 
detects anomalies.     

 

14:30 - 15:00

Speaker: Sohom Mukherjee 
Type of talk: Master Intro 
Advisor: Sebastian Stich
Title: Adaptive Optimization for Federated Visual Classification
Research Area: RA1 
Abstract: In this project we shall consider the problem of distributed optimization with intermittent communication (federated learning) where multiple devices jointly train a visual classification model without sharing their local data. While FedAvg (aka Local SGD) has become ubiquitous for such distributed optimization tasks, it does not converge in theory using fixed stepsizes. Various alternatives are adopted in practice such as stepsize schedules or grid search, but they do not come with theoretical guarantees or are computationally expensive. In this work we start by studying the decreasing stepsize for FedAvg and prove convergence under heterogeneity. Then we go on to experimentally study AdaGrad-type adaptive stepsizes for the federated setting. There are various design choices involved in this, and we try to provide some intuition and suggestions on the design of adaptive federated methods. Since the analysis of AdaGrad-type methods involves many complications and open problems in the centralized setting itself, we study them for the special case of a single worker and provide some clear theoretical statements and proofs. Finally, we will also evaluate our methods on small scale (LeNet on MNIST dataset) as well as large scale (VGG and ResNet on CIFAR10) distributed image classification tasks with homogeneous as well as heterogeneous data settings.

 

15:00 - 15:30

Speaker: Nils Hagen
Type of talk: Bachelor Final
Advisor: Prof. Andreas Zeller, Leon Bettscheider
Title: Semantic Fuzzing with I/O Contracts
Research Area: RA5: Empirical and Behavioural Security

Abstract: 

Grammar-based fuzzing with context-free grammars is a common technique to make fuzzers
more program-specific and to increase coverage. This has proven to be an especially
successful test generation method in black-box settings with target programs that require
highly-structured inputs. However, context-free grammars are limited to the expression
of syntactic constraints which makes them unsuitable for input/output affiliations (like
in a client/server architecture or other reactive systems) where input and output are
semantically linked. Most fuzzers therefore rely solely on generic test oracles for bug
detection that either detect program crashes or output on standard error ports.
To express more powerful oracles we additionally want to consider the aforementioned input-
output relations. In this work we present a method to describe these semantically linked
interactions through I/O contracts where syntactic and semantic properties are expressed
through intertwined context-free grammars (termed I/O grammars) and semantic ISLa
constraints. Furthermore, we show how to apply these methods in practice on a real-world
server implementation of the IRC protocol.

 

New Winter Semester is Coming

Written on 22.10.23 by Mang Zhao

Dear all,

welcome to the new course for the Bachelor and Master seminar in this winter term.
Please switch to this course.

Best wishes,

BAMA Seminar Team

Bachelor- and Master-Seminar

The bachelor/master seminar is a stage for all talks related to bachelor or master theses at CISPA.

The seminar is currently held bi-weekly on Wednesdays in odd-numbered calendar weeks. It takes place throughout the year, regardless of the lecture periods. You can join at any time. There are two parallel Zoom sessions from 14:00 to 15:30 with up to three talks each. The upcoming talks will be announced in the News section above.

Requirements for the course certificate

To pass the seminar, you have to

  • give an introductory talk where you present your thesis proposal

Furthermore, it is expected that you attend all talks of your own research area and participate in discussion during the time of your thesis work. You get a certificate and a grade for this course from your advisor. The advisor can contact us (bamaseminar@cispa.saarland) to check whether you meet all the passing conditions and to get a template for the certificate.

Further, you are required to hold a final talk about the results as a part of your thesis. While this talk is technically not part of the seminar but of the thesis work, you can still present it in the context of the seminar.

Attending a seminar session

Simply join one of the two parallel Zoom sessions. Choose the session with the talks you are most interested in. We welcome active participation and encourage you to ask questions and give helpful comments in the discussion after each talk.

During the seminar, we will share a link to an attendance sheet. Make sure to add your name to this document. We use these documents to track who attended which sessions.

Giving a talk in the seminar

Each talking slot is 30 minutes long. Your presentation should last about 20 minutes, so we have about 10 minutes left for discussion.

If you want to give a talk, you can book a time slot in one of the sessions. Use one of the following links for booking:

Please coordinate time and date with your advisor so that no two students of the same advisor present at the same time.

If you don't need a specific time slot, you can try to book 14:30, as some students need either the 14:00 or the 15:00 slot. In rare cases, we will have to move talks within a day, so please indicate which times you would be available. The final schedule will be announced in the News section a few days before the sessions take place.

To list your talk in the announcement, you will have to hand in some information about it, namely:

  • Speaker: Your name.
  • Type of talk: Bachelor Intro, Bachelor Final, Master Intro, or Master Final.
  • Advisor: The name of your advisor. If multiple advisors wish to attend the session, please list all of them so we can make sure that there are no collisions.
  • Title: Title of your talk.
  • Research Area: The number of your area. (If in doubt, check https://cispa.de/de/research or ask your advisor.) The areas are the following:
    • RA1: Trustworthy Information Processing
    • RA2: Reliable Security Guarantees
    • RA3: Threat Detection and Defenses
    • RA4: Secure Mobile and Autonomous Systems
    • RA5: Empirical and Behavioural Security
  • Abstract: Abstract of your talk.

Refer to previous announcements for examples.

Please submit this information at least one week in advance (until 23:59 on the Wednesday before your talk). Upload your information as a submission to CMS (see Personal Status), preferably as a plain text file (.txt). You can find a template in the materials section.

Contact the organizers

If there are any questions left, please use the mail address bamaseminar@cispa.saarland to contact the organizers.
