csci 2951u topics in software security
play

CSCI 2951U: Topics in Software Security Introduction Vasileios - PowerPoint PPT Presentation

Oct 16, 2022 •518 likes •739 views

CSCI 2951U: Topics in Software Security Introduction Vasileios (Vasilis) Kemerlis January 27, 2020 Department of Computer Science Brown University vpk@cs.brown.edu (Brown University) CSCI 2951U Spring 20 1 / 8 Course Overview (1/2)

  1. CSCI 2951U: Topics in Software Security Introduction Vasileios (Vasilis) Kemerlis January 27, 2020 Department of Computer Science Brown University vpk@cs.brown.edu (Brown University) CSCI 2951U Spring ’20 1 / 8

  2. Course Overview (1/2) • CFI, CPI, ... Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) 3. Data-only attacks • ... • Signal-oriented prog. (SROP) • Blind ROP (BROP) • Just-In-Time ROP (JIT-ROP) • Return-oriented prog. (ROP) • Return-to-libc ( ret2libc ) 2. Code reuse 1. Code injection Software Exploitation • BPF_SECCOMP , FORTIFY_SRC • RELRO , BIND_NOW • Stack/Heap canaries • W^X , ASLR 2. Modern defenses • ... • Pointer errors • Format string bugs • Stack/Heap smashing 1. Prevalent software defects Software Security Memory unsafe code (written in C / C++ , asm , ...) CSCI 1650 ++ State-of-the-art in software exploitation and defense 2 / 8 ▶ What is this course about?

  3. Course Overview (1/2) Software Exploitation Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) 3. Data-only attacks • ... • Signal-oriented prog. (SROP) • Blind ROP (BROP) • Just-In-Time ROP (JIT-ROP) • Return-oriented prog. (ROP) • Return-to-libc ( ret2libc ) 2. Code reuse 1. Code injection • CFI, CPI, ... • BPF_SECCOMP , FORTIFY_SRC • RELRO , BIND_NOW • Stack/Heap canaries • W^X , ASLR 2. Modern defenses • ... • Pointer errors • Format string bugs • Stack/Heap smashing 1. Prevalent software defects Software Security Memory unsafe code (written in C / C++ , asm , ...) 2 / 8 ▶ What is this course about? ✔ State-of-the-art in software exploitation and defense ➜ CSCI 1650 ++

  4. Course Overview (1/2) 1. Code injection Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) 3. Data-only attacks • ... • Signal-oriented prog. (SROP) • Blind ROP (BROP) • Just-In-Time ROP (JIT-ROP) • Return-oriented prog. (ROP) • Return-to-libc ( ret2libc ) 2. Code reuse • CFI, CPI, ... • BPF_SECCOMP , FORTIFY_SRC • RELRO , BIND_NOW • Stack/Heap canaries • W^X , ASLR 2. Modern defenses • ... • Pointer errors • Format string bugs • Stack/Heap smashing 1. Prevalent software defects 2 / 8 ▶ What is this course about? ✔ State-of-the-art in software exploitation and defense ➜ CSCI 1650 ++ ✘ Memory unsafe code (written in C / C++ , asm , ...) ▶ Software Security ▶ Software Exploitation

  5. Course Overview (2/2) Why are these useful? Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) (c) why previous attempts failed (b) how exactly these attacks work (a) understand what sorts of attacks are possible mechanisms you need to: • To design efgective (and effjcient) software protection • Exploit “weaponization” defenses can be bypassed Learn how and why (certain) Ofgense mitigation techniques Familiarize with experimental argue about their efgectiveness protection mechanisms and Understand the boundaries of Defense 3 / 8 ▶ Why take this course?

  6. Course Overview (2/2) Why are these useful? Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) (c) why previous attempts failed (b) how exactly these attacks work (a) understand what sorts of attacks are possible mechanisms you need to: • To design efgective (and effjcient) software protection • Exploit “weaponization” defenses can be bypassed mitigation techniques Familiarize with experimental argue about their efgectiveness protection mechanisms and Understand the boundaries of Defense 3 / 8 ▶ Why take this course? � Ofgense ✔ Learn how and why (certain)

  7. Course Overview (2/2) Why are these useful? Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) (c) why previous attempts failed (b) how exactly these attacks work (a) understand what sorts of attacks are possible mechanisms you need to: • To design efgective (and effjcient) software protection • Exploit “weaponization” defenses can be bypassed mitigation techniques argue about their efgectiveness protection mechanisms and 3 / 8 ▶ Why take this course? � Defense � Ofgense ✔ Understand the boundaries of ✔ Learn how and why (certain) ✔ Familiarize with experimental

  8. Course Overview (2/2) • To design efgective (and effjcient) software protection Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) (c) why previous attempts failed (b) how exactly these attacks work (a) understand what sorts of attacks are possible mechanisms you need to: • Exploit “weaponization” defenses can be bypassed mitigation techniques argue about their efgectiveness protection mechanisms and 3 / 8 ▶ Why take this course? � Defense � Ofgense ✔ Understand the boundaries of ✔ Learn how and why (certain) ✔ Familiarize with experimental ▶ Why are these useful?

  9. Prerequisites Having taken the following courses is a plus, but not required: Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) We will review (most of) the important concepts • CSCI 2951E (Topics in Computer System Security) • CSCI 1660 (Computer Systems Security) • Virtual Memory • Linking and Loading • C/C++, x86 asm • Code Reuse (ROP) • Code Injection (Shellcode dev.) • Control-fmow Hijacking 4 / 8 ▶ CSCI 1650 (Software Security and Exploitation) ▶ CSCI 1670 (Operating Systems)

  10. Prerequisites • CSCI 1660 (Computer Systems Security) Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) We will review (most of) the important concepts • CSCI 2951E (Topics in Computer System Security) • Virtual Memory • Linking and Loading • C/C++, x86 asm • Code Reuse (ROP) • Code Injection (Shellcode dev.) • Control-fmow Hijacking 4 / 8 ▶ CSCI 1650 (Software Security and Exploitation) ▶ CSCI 1670 (Operating Systems) ✔ Having taken the following courses is a plus, but not required:

  11. Prerequisites • CSCI 1660 (Computer Systems Security) Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) • CSCI 2951E (Topics in Computer System Security) • Virtual Memory • Linking and Loading • C/C++, x86 asm • Code Reuse (ROP) • Code Injection (Shellcode dev.) • Control-fmow Hijacking 4 / 8 ▶ CSCI 1650 (Software Security and Exploitation) ▶ CSCI 1670 (Operating Systems) ✔ Having taken the following courses is a plus, but not required: ✪ We will review (most of) the important concepts

  12. Logistics (1/2) • https://cs.brown.edu/courses/csci2951-u/ Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) Assigned readings No required textbook Study material • Readings • Lecture slides • Announcements Check the website! spring.s01@lists.brown.edu • course.csci.2951u.2020- Communication Meetings 10% Project presentation 40% Project report 20% Discussion part. 20% Paper presentations 10% Paper reviews Grading • CIT 506 • Mondays, 3PM – 5:20PM (M hour) 5 / 8

  13. Logistics (1/2) • https://cs.brown.edu/courses/csci2951-u/ Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) Assigned readings No required textbook Study material • Readings • Lecture slides • Announcements Check the website! spring.s01@lists.brown.edu • course.csci.2951u.2020- Communication 10% Project presentation 40% Project report 20% Discussion part. 20% Paper presentations 10% Paper reviews Grading • CIT 506 • Mondays, 3PM – 5:20PM (M hour) 5 / 8 � Meetings

  14. Logistics (1/2) • https://cs.brown.edu/courses/csci2951-u/ Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) Assigned readings No required textbook Study material • Readings • Lecture slides • Announcements Check the website! spring.s01@lists.brown.edu • course.csci.2951u.2020- 5 / 8 10% Project presentation 40% Project report 20% Discussion part. 20% Paper presentations 10% Paper reviews Grading • CIT 506 • Mondays, 3PM – 5:20PM (M hour) � Meetings � Communication

  15. Logistics (1/2) • https://cs.brown.edu/courses/csci2951-u/ Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) Assigned readings No required textbook Study material • Readings • Lecture slides • Announcements spring.s01@lists.brown.edu • course.csci.2951u.2020- 5 / 8 10% Project presentation 40% Project report 20% Discussion part. 20% Paper presentations 10% Paper reviews Grading • CIT 506 • Mondays, 3PM – 5:20PM (M hour) � Meetings � Communication ✪ Check the website!

  16. Logistics (1/2) spring.s01@lists.brown.edu Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) Assigned readings No required textbook Study material • Readings • Lecture slides • Announcements • course.csci.2951u.2020- • CIT 506 • https://cs.brown.edu/courses/csci2951-u/ • Mondays, 3PM – 5:20PM (M hour) 5 / 8 � Meetings � Communication ▶ Grading ✔ Paper reviews ➜ 10% ✪ Check the website! ✔ Paper presentations ➜ 20% ✔ Discussion part. ➜ 20% ✔ Project report ➜ 40% ✔ Project presentation ➜ 10%

  17. Logistics (1/2) • https://cs.brown.edu/courses/csci2951-u/ Spring ’20 CSCI 2951U vpk@cs.brown.edu (Brown University) • Readings • Lecture slides • Announcements spring.s01@lists.brown.edu • course.csci.2951u.2020- • Mondays, 3PM – 5:20PM (M hour) • CIT 506 5 / 8 � Meetings � Communication ▶ Grading ✔ Paper reviews ➜ 10% ✪ Check the website! ✔ Paper presentations ➜ 20% ✔ Discussion part. ➜ 20% ✔ Project report ➜ 40% ✔ Project presentation ➜ 10% ▶ Study material ■ No required textbook ➜ Assigned readings

Recommend

Software Security By Hunter Stevenson Khalid Alharbi CSCI 5828 Foundations of Software

Software Security By Hunter Stevenson Khalid Alharbi CSCI 5828 Foundations of Software

Software Security By Hunter Stevenson Khalid Alharbi CSCI 5828 Foundations of Software Engineering Spring 2012 What is the talk NOT about? Cryptography. Database security. Operating Systems security. Network security.

1.37k views • 121 slides
CSCI 1650: Software Security and Exploitation Introduction Vasileios (Vasilis) Kemerlis

CSCI 1650: Software Security and Exploitation Introduction Vasileios (Vasilis) Kemerlis

CSCI 1650: Software Security and Exploitation Introduction Vasileios (Vasilis) Kemerlis September 09, 2020 Department of Computer Science Brown University vpk@cs.brown.edu (Brown University) CSCI 1650 Fall 20 1 / 6 Course Overview (1/2)

238 views • 19 slides
Outline More secure design principles Software engineering for security CSci 5271 Introduction

Outline More secure design principles Software engineering for security CSci 5271 Introduction

Outline More secure design principles Software engineering for security CSci 5271 Introduction to Computer Security Secure use of the OS Defensive programming and design, contd Announcements intermission Stephen McCamant Bernsteins

535 views • 8 slides
Outline Security risk and management Some terminology CSci 5271 Introduction to Computer

Outline Security risk and management Some terminology CSci 5271 Introduction to Computer

Outline Security risk and management Some terminology CSci 5271 Introduction to Computer Security Logistics intermission Day 2: Intro to Software and OS Security Example security failures Stephen McCamant University of Minnesota, Computer

608 views • 8 slides
Outline Security risk and management Some terminology CSci 5271 Introduction to Computer

Outline Security risk and management Some terminology CSci 5271 Introduction to Computer

Outline Security risk and management Some terminology CSci 5271 Introduction to Computer Security Logistics intermission Day 2: Intro to Software and OS Security Example security failures Stephen McCamant University of Minnesota, Computer

395 views • 7 slides
CMPSC 497 Special Topics: Software Security Trent Jaeger Systems and Internet

CMPSC 497 Special Topics: Software Security Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA CMPSC 497 Special Topics: Software Security Trent Jaeger

745 views • 27 slides
Software In-Security Buffer overflows Overview Web Application security Malware OS

Software In-Security Buffer overflows Overview Web Application security Malware OS

Lecture overview Table of contents: Introduction to SW security Software In-Security Buffer overflows Overview Web Application security Malware OS security topics Code scanning Emmanuel Benoist Taught by Ulrich

479 views • 13 slides
ss 8 Class Cl CSC 495/583 Topics of Software Security PLT, GOT & Return-to-plt Attack

ss 8 Class Cl CSC 495/583 Topics of Software Security PLT, GOT & Return-to-plt Attack

ss 8 Class Cl CSC 495/583 Topics of Software Security PLT, GOT & Return-to-plt Attack & GOT Overwrite Attack Dr. Si Chen (schen@wcupa.edu) Review Page 2 ret2libc Attack Page 3 libc C standard library Provides

662 views • 36 slides
CSCI 8260 S16 Computer Network Attacks and Defenses Overview of research topics in computer

CSCI 8260 S16 Computer Network Attacks and Defenses Overview of research topics in computer

CSCI 8260 S16 Computer Network Attacks and Defenses Overview of research topics in computer and network security Instructor: Prof. Roberto Perdisci Fundamental Components l Confidentiality l concealment/secrecy of information often

642 views • 37 slides
Outline OS security: protection and isolation CSci 5271 OS security: authentication

Outline OS security: protection and isolation CSci 5271 OS security: authentication

Outline OS security: protection and isolation CSci 5271 OS security: authentication Introduction to Computer Security Announcements intermission Day 9: OS security basics Stephen McCamant Basics of access control University of Minnesota,

269 views • 8 slides
deel 2 sws1 1 Software and Web Security - 1 & 2 Software is the main source of security

deel 2 sws1 1 Software and Web Security - 1 & 2 Software is the main source of security

Software and Web Security deel 2 sws1 1 Software and Web Security - 1 & 2 Software is the main source of security vulnerabilities esp in systems accessible via a network part 1 security problems in machine code, compiled from C(++)

1.35k views • 67 slides
ss 2 Cl Class CSC 495/583 Topics of Software Security IA-32 Register & Byte Ordering &

ss 2 Cl Class CSC 495/583 Topics of Software Security IA-32 Register & Byte Ordering &

ss 2 Cl Class CSC 495/583 Topics of Software Security IA-32 Register & Byte Ordering & x86 ASM Dr. Si Chen (schen@wcupa.edu) Badger CTF Your Computer IP: roadrunner.cs.wcupa.edu Username: ss2020 Roadrunner Password:

565 views • 27 slides
Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 & 2 y Software

Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 & 2 y Software

1 Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 & 2 y Software is the main source of security vulnerabilities esp in systems accessible via a network i t ibl i t k part 1 part 1 security problems

672 views • 65 slides
Outline The web from a security perspective CSci 5271 Introduction to Computer Security SQL

Outline The web from a security perspective CSci 5271 Introduction to Computer Security SQL

Outline The web from a security perspective CSci 5271 Introduction to Computer Security SQL injection Web security, part 1 Announcements intermission Stephen McCamant University of Minnesota, Computer Science & Engineering Web

522 views • 5 slides
CSCI 2132 Software Development Lecture 14: Software Development Life Cycle Instructor: Vlado

CSCI 2132 Software Development Lecture 14: Software Development Life Cycle Instructor: Vlado

CSCI 2132 Software Development Lecture 14: Software Development Life Cycle Instructor: Vlado Keselj Faculty of Computer Science Dalhousie University 5-Oct-2018 (14) CSCI 2132 1 Previous Lecture (Fire Alarm) Integer and

621 views • 18 slides
ss 3 Cl Class CSC 495/583 Topics of Software Security X86 Assembly & Stack & Stack

ss 3 Cl Class CSC 495/583 Topics of Software Security X86 Assembly & Stack & Stack

ss 3 Cl Class CSC 495/583 Topics of Software Security X86 Assembly & Stack & Stack Frame Dr. Si Chen (schen@wcupa.edu) Review Page 2 General-purpose Registers The eight 32-bit general-purpose data registers are used to hold

772 views • 22 slides
CSCI 2132 Software Development Lecture 16: Multidimensional Arrays Instructor: Vlado Keselj

CSCI 2132 Software Development Lecture 16: Multidimensional Arrays Instructor: Vlado Keselj

CSCI 2132 Software Development Lecture 16: Multidimensional Arrays Instructor: Vlado Keselj Faculty of Computer Science Dalhousie University 12-Oct-2018 (16) CSCI 2132 1 Previous Lecture Software testing Software debugging, gdb

197 views • 15 slides
Outline Saltzer & Schroeders principles (contd) CSci 5271 More secure design

Outline Saltzer & Schroeders principles (contd) CSci 5271 More secure design

Outline Saltzer & Schroeders principles (contd) CSci 5271 More secure design principles Introduction to Computer Security Software engineering for security Defensive programming 2 (combined lecture) Announcements intermission

632 views • 9 slides
Outline SSL/TLS (leftovers) The web from a security perspective CSci 5271 Introduction to

Outline SSL/TLS (leftovers) The web from a security perspective CSci 5271 Introduction to

Outline SSL/TLS (leftovers) The web from a security perspective CSci 5271 Introduction to Computer Security Announcements intermission Day 18: Web security, part 1 SQL injection Stephen McCamant Web authentication failures University of

670 views • 10 slides
Outline Saltzer & Schroeders principles CSci 5271 Announcements intermission

Outline Saltzer & Schroeders principles CSci 5271 Announcements intermission

Outline Saltzer & Schroeders principles CSci 5271 Announcements intermission Introduction to Computer Security Day 7: Defensive programming and design, More secure design principles part 1 Software engineering for security Stephen

571 views • 9 slides
Outline Saltzer & Schroeders principles CSci 5271 More secure design principles

Outline Saltzer & Schroeders principles CSci 5271 More secure design principles

Outline Saltzer & Schroeders principles CSci 5271 More secure design principles Introduction to Computer Security Day 7: Defensive programming and design, part 1 Software engineering for security Stephen McCamant Announcements

355 views • 7 slides
CSCI-UA.9480 Introduction to Computer Security Session 4.1 Browser Security Model Prof. Nadim

CSCI-UA.9480 Introduction to Computer Security Session 4.1 Browser Security Model Prof. Nadim

CSCI-UA.9480 Introduction to Computer Security Session 4.1 Browser Security Model Prof. Nadim Kobeissi Defining 4.1a Browser Security Goals Also before we start: Practical Assignment 2 is now online . 2 CSCI-UA.9480: Introduction to

520 views • 28 slides
Outline Usability and security CSci 5271 Introduction to Computer Security Announcements

Outline Usability and security CSci 5271 Introduction to Computer Security Announcements

Outline Usability and security CSci 5271 Introduction to Computer Security Announcements intermission Day 24: Usability and security Stephen McCamant Usable security example areas University of Minnesota, Computer Science & Engineering

219 views • 5 slides
Outline Usability and security CSci 5271 Introduction to Computer Security Announcements

Outline Usability and security CSci 5271 Introduction to Computer Security Announcements

Outline Usability and security CSci 5271 Introduction to Computer Security Announcements intermission Day 25: Usability and security Stephen McCamant Usable security example areas University of Minnesota, Computer Science & Engineering

419 views • 4 slides

More recommend