Thinking outside the box

Adversarial behavior and unconventional attack vectors from security research

(course for PhD students - third edition)

Get Started

Overview of the course

Never, ever, think outside the box

A glimpse on the mindset and tools of
software & systems security researchers

Hardware vulnerabilities and attacks such as Spectre, Meltdown, and Rowhammer have shattered the common perception of what makes a program secure. Beyond the exceptionality of the nature of such attacks, the mindset of security researchers historically strives to consider strong threat models and unexpected execution conditions, resulting in security designs that trade a limited performance impact for better security guarantees.

Unconventional attack vectors and adversarial behavior require researchers to think outside the box to provide such guarantees to a satisfying extent. In some scenarios, this may even require second-guessing the separation of concerns that has historically led computer scientists to develop analyses and defenses that target programs, libraries, operating systems, and hardware individually.

This course aims to provide attendees with a primer of software and systems security principles and will cover selected recent advances in security research that affect other computer science disciplines.

The present edition is delivered as part of the educational activities of the PhD program in Cybersecurity promoted by Sapienza University of Rome and Luiss Guido Carli University. It is also open to students from other programs and institutions, such as those enrolled in the PhD program in Engineering in Computer Science from Sapienza.

If you are interested in attending, please enroll here.


Lectures will be held online in Sep-Oct 2023 on Zoom. Dates and hours are listed below.

Lecture 1 (Sep 26 @ 3pm)

Security characteristics of software nowadays are just as important as correctness and efficiency requirements. The lecture will touch on fundamentals of software and system security research, covering typical thought processes and methodologies, and providing examples of completeness and soundness issues for analyses and mitigations.
References: [1], [2]

Instructor: Daniele Cono D'Elia

Lecture 2 (Sep 28 @ 3pm)

The lecture will introduce the concept of adversarial attacks against ML systems, by using as example attacks against images classification systems and audio. It will then discuss recent attacks against anti-virus and malware detection techniques, giving an overview of the state of the art used against machine learning models used to automate the analysis of source code.
References: [5], [6]

Instructor: Giuseppe Antonio Di Luna

Lecture 3 (Oct 2 @ 3pm)

Protecting software from reverse engineering attempts is important for vendors to combat piracy and intellectual property theft, and for threat actors too to shield their attack vectors. The lecture will cover anti-analysis techniques and software protection schemes that received most attention from the security community in recent years.
References: [3], [4]

Instructor: Daniele Cono D'Elia

Lecture 4 (Oct 11 @ 3pm)

Separation of concerns has led computer scientists to develop analyses and defenses that target programs, libraries, operating systems, and hardware individually. While their practical value is of utmost importance, attackers can breach through software defenses by targeting hardware glitches and side channels. The lecture will cover side channels against crypto code, transient execution attacks of the likes of Spectre, and other hardware attacks.
References: [7], [8]

Instructor: Daniele Cono D'Elia

Lecture 5 (Oct 18 @ 3pm)

Weird machine attacks combine program bugs with extensional properties of software: attackers make a victim program or system execute semantics outside its intended behavior without adding any code to it. Weird machines are often Turing complete and challenge the way we think about and analyze software. The lecture will mainly cover code reuse attacks and data-only attacks.
References: [9], [10]

Instructor: Daniele Cono D'Elia

Final exam. The student will give a presentation detailing 2-3 papers assigned by the instructors on a topic of interest. Alternatively, they may agree on the development of a code prototype exercising a protection mechanism or attack.


  1. Software Security: Principles, Policies, and Protection

    Mathias Payer. “Software Security: Principles, Policies, and Protection”. Book, April 2019

  2. Adam Shostack. “Threat modeling: Designing for security”. Book, 2014.

  3. Zhui Deng et al. “Spider: Stealthy binary program instrumentation and debugging via hardware virtualization”. Annual Computer Security Applications Conference (ACSAC), 2013.

  4. Sebastian Schrittwieser et al. “Protecting Software through Obfuscation: Can It Keep Pace with Progress in Code Analysis?”. ACM Computing Surveys, 2016.

  5. Junkun Yuan et al. “Black-box Adversarial Attacks Against Deep Learning Based Malware Binaries Detection with GAN”. ECAI 2020.

  6. Noam Yefet et al. “Adversarial Examples for Models of Code”. ACM OOPSLA 2020.

  7. Bart Coppens et al. “Practical Mitigations for Timing-Based Side-Channel Attacks on Modern x86 Processors”. IEEE Symposium on Security and Privacy 2009.

  8. Daniel Gruss. “Transient-Execution Attacks and Defenses”. Book, June 2020.

  9. Hovav Shacham. “The Geometry of Innocent Flesh on the Bone”. ACM SIGSAC Conference on Computer and Communications Security (CCS), 2007.

  10. Sergey Bratus et al. “Exploit programming: From buffer overflows to weird machines and theory of computation.” USENIX ;login: magazine, 2011.


Daniele Cono D'Elia

Lead Instructor

Daniele is an Assistant Professor with Sapienza University of Rome. His research spans across several fields of Software and Systems Security. He often speaks at Black Hat (EU'19, EU'20, USA'21).

Giuseppe Antonio Di Luna

Guest Lecturer

Giuseppe is a Tenure-Track Assistant Professor with Sapienza University of Rome. His research covers many aspects of Distributed Computing, Distributed Systems and Computer Security.


For any inquiry on the course, feel free to drop us a line at the email addresses reported on our academic home pages.