Course description

Lecture notes







CS 380S - Theory and Practice of Secure Systems (54910)

Fall 2009

Lecture notes

Software security

  1. Course outline and logistics. Introduction to buffer overflow.   [PDF]
  2. Memory exploits: format strings, integer overflow, non-control-data attacks. ActionScript exploit. Return-oriented programming.   [PDF]
  3. Runtime memory protection: StackGuard, PointGuard, TIED/LibsafePlus, bounds checking.   [PDF]
  4. Address space layout randomization.   [PDF]
  5. Static and hybrid detection of buffer overflows: BOON, CSSV, CCured.   [PDF]
  6. TOCTTOU attacks and defenses.   [PDF]
  7. Inline reference monitors: SFI, SFI, XFI, WIT, Native Client.   [PDF]
  8. Intrusion detection: system call interposition, Wagner-Dean, Dyck. Virtual machine introspection.   [PDF]
  9. Unix security: setuid and chroot. MOPS.   [PDF]
  10. Web security: cross-site scripting, SQL injection, cross-site request forgery.   [PDF]
  11. Static detection of Web application vulnerabilities.   [PDF]
  12. Web browser security.   [PDF]
  13. Access control. Information flow security.   [PDF]
  14. Misuse of cryptography in secure system design.   [PDF]
  15. Timing attacks.   [PDF]

Secure multi-party computation and privacy

  1. Semantic security.   [PDF]
  2. Introduction to secure multi-party computation. Oblivious transfer.   [PDF]
  3. Pedersen commitments. Schnorr's Id protocol. Introduction to zero-knowledge proofs.   [PDF]
  4. Yao's protocol.   [PDF]
  5. Oblivious transfer and secure multi-party computation with malicious parties.   [PDF]
  6. Database privacy: query auditing.   [PDF]
  7. Database privacy: input and output perturbation, SuLQ.   [PDF]
  8. Database privacy: k-anonymity, l-diversity, t-closeness.   [PDF]
  9. Differential privacy.   [PDF]