Software security
|
|
Aug 31.
Course outline and logistics. Review of buffer overflow attacks.
[slides]
|
Read
Smashing the stack and
The Tao
of Windows buffer overflow.
|
|
Sep 5.
Anatomy of an attack.
[slides]
|
Read
Improving the security of your site by breaking into it.
|
|
Sep 7.
Format string attacks.
Overflow defenses:
StackGuard, PointGuard, Jones-Kelly and Ruwase-Lam.
[slides]
|
Read
Attacks and defenses for the vulnerability of the decade,
Backwards-compatible bounds checking and
Practical dynamic buffer overflow detector.
|
|
Sep 12.
PaX and address space randomization.
[slides]
|
Read
On the effectiveness of address-space randomization.
|
|
Sep 14.
Reference monitors, sandboxing, system call interposition.
Discussion of project ideas.
[slides]
|
Read
A note on the confinement problem and
Practical problems in system call interposition.
|
|
Sep 19.
Password security (by Arvind Narayanan).
[slides]
|
|
|
Sep 21.
Overflow defenses:
TIED and LibsafePlus (by Prateek Gupta).
[slides]
|
Read
Tools for runtime buffer overflow protection.
|
|
Sep 26.
Introduction to intrusion detection.
[slides]
|
Read
Eluding network intrusion detection.
|
|
Sep 28.
Detection of backdoors and stepping stones
(by Yin Zhang).
|
Read
Detecting backdoors and
Detecting stepping stones.
|
|
Oct 3.
Program shepherding,
Control-Flow Integrity,
XFI.
[slides]
|
Homework 1 assigned.
Read
Secure execution via program shepherding and
Software guards for system address spaces.
|
|
Oct 5.
Static overflow defenses:
BOON and CCured.
[slides]
|
Project proposals due.
Read
Automated detection of buffer overrun vulnerabilities.
|
|
Oct 10.
Data-only and TOCTOU attacks.
[slides]
|
Homework 1 due.
Read
Non-control-data attacks and
Fixing races for fun and profit.
|
|
Oct 12.
UNIX security: setuid and chroot.
Static security analysis with MOPS.
[slides]
|
Read
Setuid demystified and
Model checking one million lines of C code.
|
|
Oct 17.
Host-based intrusion detection: Wagner-Dean, mimicry attacks, Dyck model.
Virtual machines.
[slides]
|
Read
Mimicry attacks,
Context-sensitive intrusion detection and
Virtual machine based intrusion detection.
|
|
Oct 19.
Trusted computing.
[slides]
|
Read
Experimenting with TCPA/TCG.
|
|
Oct 24.
Timing attacks.
[slides]
|
Read
Timing attacks and
Remote timing attacks.
|
|
Oct 26.
Midterm.
|
|
Privacy
|
|
Oct 31.
Introduction to secure multi-party computation.
Oblivious transfer.
[slides]
|
Homework 2 assigned.
|
|
Nov 2.
Pedersen commitments and Schnorr's Id protocol.
Introduction to zero-knowledge proofs.
[slides]
|
|
|
Nov 7.
Yao's protocol.
[slides]
|
Homework 2 due.
|
|
Nov 9.
Oblivious transfer and secure multi-party computation with malicious
parties.
[OT slides]
[SMC slides]
|
|
|
Nov 14.
Key exchange protocols.
[slides]
|
Homework 3 assigned.
|
|
Nov 16.
Database privacy:
query auditing.
[slides]
|
Read
Simulatable auditing.
|
|
Nov 21.
Database privacy: input and output perturbation, SuLQ.
[slides]
|
Homework 3 due.
Read
Limiting privacy breaches
and
SuLQ.
|
|
Nov 23.
No class (Thanksgiving).
|
|
Advanced topics
|
|
Nov 28.
Protocol composition logic.
[slides]
|
|
|
Nov 30.
Language-based security.
[slides]
|
Homework 4 assigned.
Read
Language-based information-flow security.
|
|
Dec 5.
Electronic cash. Secure voting systems.
|
Read
papers on voting security.
|
|
Dec 7.
Economics of privacy.
Last day of class.
|
Homework 4 due.
Read
papers on economics of privacy.
|
|
Dec 13.
Project reports due.
|