Home

Course description

Lecture notes

Assignments

Projects

Reference

CS 395T - Theory and Practice of Secure Systems (56605)

Fall 2006

Lecture notes

Software security

1. Course outline and logistics. Review of buffer overflow attacks.   [PDF]
2. Anatomy of an attack.   [PDF]
3. Format string attacks. Overflow defenses: StackGuard, PointGuard, Jones-Kelly and Ruwase-Lam.   [PDF]
4. Address space randomization.   [PDF]
5. Reference monitors, sandboxing, system call interposition.   [PDF]
   Password security (guest lecture by Arvind Narayanan).   [PDF]
   Overflow defenses: TIED and LibsafePlus (guest lecture by Prateek Gupta).   [PDF]
6. Introduction to intrusion detection.   [PDF]
7. Program shepherding, Control-Flow Integrity, XFI.   [PDF]
8. Static overflow defenses: BOON and CCured.   [PDF]
9. Data-only and TOCTOU attacks.   [PDF]
10. UNIX security: setuid and chroot. Static security analysis with MOPS.   [PDF]
11. Host-based intrusion detection: Wagner-Dean, mimicry attacks, Dyck model. Virtual machines.   [PDF]
12. Trusted computing hardware.   [PDF]
13. Timing attacks. Brumley-Boneh attack on RSA.   [PDF]

Secure multi-party computation

1. Introduction to secure multi-party computation. Oblivious transfer.   [PDF]
2. Pedersen commitments and Schnorr's Id protocol. Introduction to zero-knowledge proofs.   [PDF]
3. Yao's protocol.   [PDF]
4. Oblivious transfer with malicious parties.   [PDF]
5. Secure multi-party computation with malicious parties. Concurrent composition of zero-knowledge.   [PDF]
6. Cryptographically secure key exchange.   [PDF]

Database privacy

1. Query auditing.   [PDF]
2. Input and output perturbation.   [PDF]

Security logic and language-based security

1. Protocol composition logic.   [PDF]
2. Language-based security.   [PDF]