CSE 536: Advanced Operating Systems (Spring 2023)
The Operating System (OS) is one of the most critical component of modern machines---all the way from Raspberry Pis to supercomputers---because it controls hardware resources allocated to all other software. In this course, we start by answering fundamental questions about operating systems and gradually progress all the way to shattering traditional assumptions regarding trust on an OS. For instance, we will start by answering the question: How does the operating system get to start when a machine boots up? At the end, we will answer the question: what should I do when I cannot trust the operating system to correctly protect my programs? Students gain a theoretical and practical understanding of how an OS works, all the way from how it starts to how it can spawn even new operating systems through virtualization techniques. With this, they are expected to become proficient in systems-level programming on any operating system codebase (e.g., Linux, Windows).
CSE 691: Current Topics in Cybersecurity (Spring 2023)
Cybersecurity is a wide research area, focusing on four "top conferences" spaced out over the year. To understand the state of the art in cybersecurity, one has to follow the latest developments of all four of these top conferences. This course will focus on the reading, review, and discussion of papers published in the "top four" cybersecurity conferences (namely ISOC NDSS, IEEE S&P, ACM CCS, and USENIX Security). Each session will cover a unique set of freshly-published papers, and different iterations of this seminar will be quite different from each other. Assessment will be based on participation. Each student will be required to present, as part of a group, one or two papers each semester and to assist in distilling papers (again, as part of a group) into blog form once or twice per semester. Grades will be determined based on the insight and quality of these presentations.
CSE 598: Trusted Computing in Clouds: Past, Present, and Future (Fall 2022)
Users increasingly send data sets containing sensitive attributes, like personally identifiable information, to various cloud machines, where data sets are exposed to numerous attack vectors (e.g., untrusted cloud administrators and other tenants). As evident in several high-profile data breaches, like the T-Mobile breach that exposed the social security number (SSN) of millions of people, even some of our most crucial and privacy-sensitive data sets are not secure. In this course, we investigate the promise of hardware-assisted trusted computing, a field of study that uses CPU protection features (e.g., Intel SGX, AMD SEV, ARM TrustZone/CCA, etc.) to protect user data inside enclaves on cloud machines. Initially, we will study the seminal work that lead to the development of these features. Then, we will discuss how software systems leverage enclaves to enable trusted services. Unfortunately, enclaves suffer from various attack vectors (e.g., side-channels, micro-architectural defects, etc.). We will investigate both attack vectors and proposed software/hardware defenses. The course will conclude with an overview of the open problems in the trusted computing area.