Topics and Additional Seminar Material
Topics:
| 1 |
Representation of source code |
Tutor: Gianluca, Masud and Giancarlo [Follow-up paper] code2vec: Learning Distributed Representations of Code (POPL 2019) - presenter: Blirona Keraj [Follow-up paper] Learning to Represent Programs with Graphs (ICLR 2018) - presenter: Varun Soni [Main paper] CodeBERT: A Pre-Trained Model for Programming and Natural Languages (EMNLP 2020) Date: 23rd of November |
|
| 2 | Automated program exploration |
Tutor: Aleksey and Giancarlo [Follow-up paper] Learn&Fuzz: Machine Learning for Input Fuzzing (ASE 2017) - presenter: Sharanya Raghavendra Rao Date: 30th of November |
|
| 3 | Aid traditional program analyses |
Tutor: Masud and Cris [Follow-up paper] Unsupervised Learning of API Aliasing Specifications (PLDI 2019) - presenter: Syeda Mahnur Asif [Follow-up paper] Machine-Learning-Guided Selectively Unsound Static Analysis (ICSE 2017) - presenter: Denis Pyshchai [Main paper] DEEPVSA: Facilitating Value-set Analysis with Deep Learning for Postmortem Program Analysis (USENIX 2019) Date: 7th of December |
|
| 4 | Replace traditional program analyses |
Tutor: Gianluca and Giancarlo [Follow-up paper] VulDeePecker: A Deep Learning-Based System for Vulnerability Detection (NDSS 2018) - presenter: Dominik Kempter [Main paper] Neutaint: Efficient Dynamic Taint Analysis with Neural Networks (S&P 2020) Date: 14th of December |
|
|
|
|||
| 6 | (Web) vulnerability detection |
Tutor: Aleksey and Giancarlo [Follow-up paper] Mitch: A Machine Learning Approach to the Black-Box Detection of CSRF Vulnerabilities (Euro S&P 2019) - presenter: Mahnoor Shahid [Main paper] Black-Box Detection of Cross-Site Scripting Vulnerabilities Using Reinforcement Learning (WWW 2022) Date: 11th of January |
|
| 7 | ML-based decompiler |
Tutor: Thorsten [Follow-up paper] XDA: Accurate, Robust Disassembly with Transfer Learning (NDSS 2021) - presenter: Tim Nico Bauerschmidt [Follow-up paper] Coda: An End-to-End Neural Program Decompiler (NeurIPS 2019) - presenter: Janani Karthikeyan [Main paper] DeepDi: Learning a Relational Graph Convolutional Network Model on Instructions for Fast and Accurate Disassembly (USENIX 2022) Date: 18th of January |
|
| 8 | Automated program repair |
Tutor: Thorsten [Follow-up paper] Hoppity: Learning Graph Transformations to Detect and Fix Bugs in Programs (ICLR 2020) - presenter: Yorik Leon Wagner [Follow-up paper] CURE: Code-Aware Neural Machine Translation for Automatic Program Repair (ICSE 2021) - presenter: Mohamed Abdelhamid Ghanem [Main paper] DeepFix: fixing common C language errors by deep learning (AAAI 2017) Date: 25th of January |
|
| 9 | Explainability |
Tutor: Thorsten [Follow-up paper] LEMNA: Explaining Deep Learning based Security Applications (CCS 2018) - presenter: Mikka Rainer [Main paper] Explaining Vulnerabilities of Deep Learning to Adversarial Malware Binaries Date: 1st of February |
|
| 10 | Pitfalls of machine learning for code/security |
Tutor: Masud and Cris [Follow-up paper] IdBench: Evaluating Semantic Representations of Identifier Names in Source Code (ICSE 2021) - presenter: Khadija Butt [Follow-up paper] Dos and Don'ts of Machine Learning in Computer Security (USENIX 2022) - presenter: Maike Kalms [Main paper] You Autocomplete Me: Poisoning Vulnerabilities in Neural Code Completion (USENIX 2021) Date: 8th of February |
Selection of Scientific Presentations
- USENIX Security '21 - JAW: Studying Client-side CSRF with Hybrid Property Graphs and Declarative, by Soheil Khodayari
https://www.youtube.com/watch?v=vs-qQk0BKTY - USENIX Security '21 - Enemy of the State: A State-Aware Black-Box Web Vulnerability Scanner, by Adam Doupé
https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/doupe - USENIX Security '20 - Everything Old is New Again: Binary Security of WebAssembly, by Daniel Lehmann
https://www.youtube.com/watch?v=glL__xjviro