Home

Course description

Lecture notes

Assignments

Projects

Reference

CS 380S - Theory and Practice of Secure Systems (54910)

Fall 2009

Lecture notes

Software security

1. Course outline and logistics. Introduction to buffer overflow.   [PDF]
2. Memory exploits: format strings, integer overflow, non-control-data attacks. ActionScript exploit. Return-oriented programming.   [PDF]
3. Runtime memory protection: StackGuard, PointGuard, TIED/LibsafePlus, bounds checking.   [PDF]
4. Address space layout randomization.   [PDF]
5. Static and hybrid detection of buffer overflows: BOON, CSSV, CCured.   [PDF]
6. TOCTTOU attacks and defenses.   [PDF]
7. Inline reference monitors: SFI, SFI, XFI, WIT, Native Client.   [PDF]
8. Intrusion detection: system call interposition, Wagner-Dean, Dyck. Virtual machine introspection.   [PDF]
9. Unix security: setuid and chroot. MOPS.   [PDF]
10. Web security: cross-site scripting, SQL injection, cross-site request forgery.   [PDF]
11. Static detection of Web application vulnerabilities.   [PDF]
12. Web browser security.   [PDF]
13. Access control. Information flow security.   [PDF]
14. Misuse of cryptography in secure system design.   [PDF]
15. Timing attacks.   [PDF]

Secure multi-party computation and privacy

1. Semantic security.   [PDF]
2. Introduction to secure multi-party computation. Oblivious transfer.   [PDF]
3. Pedersen commitments. Schnorr's Id protocol. Introduction to zero-knowledge proofs.   [PDF]
4. Yao's protocol.   [PDF]
5. Oblivious transfer and secure multi-party computation with malicious parties.   [PDF]
6. Database privacy: query auditing.   [PDF]
7. Database privacy: input and output perturbation, SuLQ.   [PDF]
8. Database privacy: k-anonymity, l-diversity, t-closeness.   [PDF]
9. Differential privacy.   [PDF]