CS 380S - Theory and Practice of Secure Systems (54910)

Fall 2009

Time and place: Tue and Thu, 2-3:30pm, PAI 3.14
Vitaly Shmatikov
     Email: shmat AT cs    Office: TAY 4.115C
     Office hours: Tue, 3:30-4:30pm    Phone: 471-9530
Rolf Rolles
     Email: rolf.rolles AT gmail.com      Office: ENS 31NQ (desk #4)
     Office hours: Wed, 1-2pm
Grading:
     Homeworks: 40%
     Midterm: 15%
     Course project: 45%

Course schedule

Software security

Aug 27. Course outline and logistics.
Introduction to buffer overflow.   [slides]
Read Smashing the stack for fun and profit and Blended attacks.
Sep 1. Memory corruption attacks: format strings, integer overflow, non-control attacks.   [slides] Read Exploiting format string vulnerabilities, Leveraging the ActionScript Virtual Machine and Non-control-data attacks.
Sep 3. Return-oriented programming. Read Return-oriented programming.
Sep 8. Runtime memory protection: StackGuard, PointGuard, TIED/LibsafePlus, runtime bounds checking.   [slides] Read Attacks and defenses for the vulnerability of the decade, TIED, LibsafePlus, and Backwards-compatible array bounds checking.
Sep 10. Address-space layout randomization.   [slides] Read On the effectiveness of address-space randomization.
Sep 15. Static and hybrid detection of overflows: BOON, CSSV, CCured.   [slides] Read Automated detection of buffer overrun vulnerabilities, Buffer overrun detection using linear programming and static analysis, and Realistic tool for statically detecting all buffer overflows.
Sep 17. TOCTTOU attacks and defenses (guest lecture by Don Porter).   [slides] Read Exploiting Unix file-system races.
Sep 22. Static detection of buffer overflows (cont'd).
Sep 24. Inline reference monitors: SFI, CFI, XFI, WIT, Native Client.   [slides] Homework 1 assigned.
Read CFI, WIT, and Native Client.
Sep 29. Intrusion detection: system call interposition, Wagner-Dean, Dyck. Virtual machine introspection.   [slides] Project proposals due.
Read Intrusion detection via static analysis, Formalizing sensitivity in static analysis for intrusion detection, and Practical problems in system call interposition.
Oct 1. UNIX security: setuid and chroot. MOPS.   [slides] Homework 1 due.
Read Setuid demystified and Model checking one million lines of C code.
Oct 6. Web security: cross-site scripting, SQL injection, cross-site request forgery.   [slides] Read Cross-site scripting explained, Advanced SQL injection, and Robust defenses for cross-site request forgery.
Oct 8. Web security (cont'd).
Oct 13. Static detection of Web application vulnerabilities.   [slides] Read Pixy and Sound and precise analysis of Web applications for injection vulnerabilities.
Oct 15. Web browser security.   [slides] Read Beware of finer-grained origins and Pretty-bad-proxy.
Oct 20. Access control. Information flow security.   [slides] Read A note on the confinement problem and Decentralized model for information flow control.
Oct 22. Midterm.


Oct 27. Semantic security.   [slides]
Oct 29. Introduction to secure multi-party computation. Oblivious transfer.   [slides] Homework 2 assigned.
Nov 3. Pedersen commitments and Schnorr's Id protocol. Introduction to zero-knowledge proofs.   [slides]
Nov 5. Yao's protocol.   [slides] Homework 2 due.
Nov 10. Oblivious transfer and secure multi-party computation with malicious parties.   [slides]
Nov 12. Database privacy: query auditing.   [slides] Homework 3 assigned.
Read Simulatable auditing.
Nov 17. Database privacy: input and output perturbation, SuLQ.   [slides] Read Limiting privacy breaches and SuLQ framework.
Nov 19. Database privacy: k-anonymity, l-diversity, t-closeness.   [slides] Homework 3 is due.
Read t-closeness.
Nov 24. Differential privacy.   [slides] Homework 4 is assigned.
Read Differential privacy.
Nov 26. No class (Thanksgiving).
Dec 1. Misuse of cryptography in secure system design.   [slides]
Dec 3. Timing attacks.   [slides]
Last day of class.
Homework 4 due.
Read Remote timing attacks are practical.
Dec 14. Project reports due.

Course syllabus can be found here.

Code of Conduct

UTCS Code of Conduct will be strictly enforced.