Depending on the COVID-19 situation, the seminar may be organized as an online course. The kick-off meeting, individual discussions and the final presentations may be conducted remotely via online learning tools. Please subscribe to this mailing list for further information.
Software backdoors impose a persistent threat to the confidentiality of user data and the integrity of applications. Malicious actors may use them to circumvent authentication procedures, leak data and much more. This topic becomes even more relevant in times in which even governments start to utlize backdoors for law enforcement and secret service activity. In this seminar, you will learn about different approaches to spot these vulnerable code snippets that may, when placed intentionally, constitute a backdoor. It shall provide you a broad understanding of the overall issue of software backdoors and vulnerabilities as well as detailed knowledge about common detection techniques.
The seminar is organized like a real academic conference. You need to prepare a written paper (German or English) about the selected topic. After submitting your paper at our conference system, you will write two short reviews about two of the papers submitted by your fellow students. In this way, you can give them feedback about how to improve their paper. Then, you will have time to improve your own final paper with reviews from the others. Last but not least, you will give a 20-25 minutes talk about your paper, and we will provide pizza to enjoy the talks at our small conference.
News and important information will be distributed via a mailing list. All participants should subscribe here to receive relevant updates.
Explore Machine Learning algorithms for vulnerability and backdoor discovery. Present their functionality and how they aid at automating this process.
Find out how to reveal authentication bypasses in binary firmware using static analysis and discuss your findings.
See how dynamic taint analysis is leveraged to reveal backdoors from a data-flow-centric perspective and share your insights.
Learn about how static and dynamic approaches are combined to find vulnerabilities in open source software and present your results.
Dive into sophisticated graph-based code representations in order to reveal vulnerable code or backdoors.
Learn about how to eliminate backdoors in authentication systems and present your findings.
Have a look into the world of Android security and present how to find hidden triggers in mobile applications.
Get to know a static analysis tool for finding backdoors in web applications and present your results.
Be a step ahead and learn how to prevent backdoors from being triggered by reducing the attack surface of a program and discuss your findings.