
Computer System Security
Instructor: R. Sekar
Textbook: Matt Bishop, Introduction to Computer Security, Addison Wesley
Download Slides from here
| Description/Reading | Slides | Notes |
|---|---|---|
| Introduction: Overview of Security Threats Emerging threats and research directions | PDF | |
| Cryptography Basics; Reading: Who is guarding the guardians, or how secure are the CAs | PDF | PDF |
| Identification and Authentication; Reading: Lamport's One-Time Password Scheme; Reading: How anonymous hacked into a security firm | PDF | PDF |
| Discretionary Access Control; Reading: Revisiting "Setuid Demystified" | PDF | PDF |
| Capabilities, Mandatory Access Control; Reading: The Confused Deputy (or why capabilities might have been invented) | | PDF |
| DTE and SELinux. POSIX Capabilities. Commercial Security Policies; Reading: Confining Root Programs with Domain and Type Enforcement | | PDF |
| OS Security, UNIX Security, Database Security; Reading: Linux capabilities (alternative link); Reading: SELinux | PDF | PDF TXT |
| Principles and practices for secure system design; Reading: The Protection of Information in Computer Systems | PDF | PDF |
| Background: Runtime memory organization | | TXT |
| Stack-smashing, Heap overflows and Format string attacks; Reading: Smashing the stack for fun and profit | PDF | PDF PDF |
| Integer overflows Memory corruption defenses: guarding, ASR, DSR, ...; Reading: Memory exploitation defenses in Windows; Optional Reading: (Not so) Recent advances in exploiting buffer overruns; Optional Reading: Basic Integer Overflows | | PDF PDF |
| Memory-error detection: Bounds-checking, etc. | | PDF |
| Injection Attacks, Taint-tracking Taint-enhanced policies; Reading: Taint-Enhanced Policy Enforcement | PDF | PDF PDF |
| Race conditions and other Software vulnerabilities; Reading: Top 25 Software Vulnerabilities | PDF | PDF |
| Malware Evasion, obfuscation, Software tamper-resistance A very short article from 2011 on specific malware trends. | PDF | PDF PDF |
| Securing Untrusted Code: System-call interception, Inline-reference monitoring | PDF | PDF |
| Securing Untrusted Code: Inline-reference monitoring, Software-based fault isolation, Control-flow integrity | | PDF |
| Binary analysis and transformation: Disassembly, static binary rewriting Dynamic translation | PDF | PDF |
| Untrusted Code: Java, Javascript and Web security | PDF | PDF |
| Untrusted Code: Virtual Machines | PDF | |
| Intrusion detection overview Host-based/Application layer Intrusion detection Intrusion detection models; Reading: A sense of self for Unix processes | PDF | PDF PDF PDF |
| Vulnerability analysis: Program analysis overview, Model-checking Abstract interpretation | | PDF PDF PDF |
| Course summary | PDF | |