Software Security
Lecture 1: Introduction to the course
Bing Mao
Department of Computer Science
Dept. of Computer Science, Nanjing University

Outline

Course Overview
- Description
- Goal
- Text Books
- Course Schedule
- Prerequisites
- Tentative Course Project
- Teaching Assistant Contact Information

Introduction to Software Security
- Background
- Root Cause of the Security Problems
- Vulnerability Exploits
Course Overview
This course examines various software vulnerabilities, reviews the literature on how this problem has been addressed, and discusses practical techniques and tools for fighting these threats, from binary code analysis and symbolic execution to operating system security, hypervisor-based and even hardware-based solutions.
Course Overview: Description
- Graduate and postgraduate level
- Research oriented
- System and software security class
Course Overview: Goal
- Understand the low-level details of real software implementations
- Be familiar with state-of-the-art software vulnerabilities
- Vulnerability discovery, memory exploits and defense techniques
- Automated program analysis for the reverse engineering of binary code
Text Books
The reading material has three main parts:
1. Computer Systems: A Programmer’s Perspective (CSAPP)
2. Hacking: The Art of Exploitation
3. Related papers for after-class reading
   - SoK: Eternal War in Memory
   - Smashing The Stack For Fun And Profit
   - The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)
   - And so on...
Course Schedule
- Introduction
- Basic computer system knowledge
- Control Flow Hijacks
- Buffer Overflow
- Practical Control Flow Defense
- Memory exploit
- ROP
- Control Flow Integrity
- Program Analysis
- Program Representation
- Dynamic Analysis
- Binary Instrumentation
- Static Analysis
- LLVM (optional)
- Symbolic Execution
- Vulnerability discovery
- Summary
- Software security and program analysis
Prerequisites
- The basic knowledge of computer architecture
- ELF
- Stack, Heap
- Assembly code (Intel x86)
- Computer Security basics
- C/C++ Programming in UNIX
Tentative Course Project
- Buffer Overflow
- ROP
- Data flow tracking
- Symbolic execution
- Homework (optional)
Introduction to Software Security: Background
Computer security, also known as cybersecurity or IT security, is the “...protection of information systems from theft (secrecy/confidentiality) or damage (integrity) to the hardware, the software, and to the information on them, ...” (Gasser, Morrie, 1988)
http://www.securitygem.com/top-home-security-reviews/
What’s the Reality Today?
Who are the Bad Guys?
Introduction to Software Security: Root Cause of the Security Problems
How Many Vulnerabilities?
Introduction to Software Security: Vulnerability Exploits
1. Desktop/Server (app/kernel) Vulnerabilities
   - Buffer Overflow (stack, heap, vtable)
   - Format String
   - Integer Overflow
2. Web (App) Vulnerabilities
   - SQL Injection
   - Cross-site scripting
   - Cross-site request forgery
3. Mobile (App) Vulnerabilities
   - Android component/Intent hijacking
   - Data leakage
4. ...
Bugs, Vulnerabilities, and Exploits
- A bug is a place where real execution behavior may deviate from expected behavior.
- A vulnerability is a flaw or weakness in system security procedures, design, implementation, or internal controls that could be exercised (accidentally triggered or intentionally exploited) and result in a security breach or a violation of the system’s security policy. (NIST’s definition)
- An exploit is an input that gives an attacker an advantage.
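The three terms can be told apart on a few lines of code, and the same snippet illustrates the integer-overflow entry from the desktop/server vulnerability list above. What follows is an added example in C, not code from the lecture or its textbooks; the length-prefixed record format, the HEADER_LEN constant and every function name are constructed for illustration. The unchecked addition in record_fits_buggy is the bug (the arithmetic wraps, so execution deviates from the intended "does it fit" check); because the wrap lets a bounds check pass, it is a vulnerability in NIST's sense; a record whose length field is chosen to wrap is the input that would count as an exploit. record_fits_checked shows the defensive fix: test for wrap-around before trusting the sum, and parse_record only ever copies through the checked test.

```c
/* Added example (not from the lecture slides): bug vs. vulnerability vs.
 * exploit on a tiny length-prefixed record parser. The record format
 * (4-byte host-order length header followed by the payload) is constructed. */
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

#define HEADER_LEN 4u   /* constructed format: 4-byte header + payload */

/* BUG: HEADER_LEN + payload_len is computed in 32-bit unsigned arithmetic and
 * wraps around, so a huge payload_len can produce a tiny "total" that passes
 * the fits-in-buffer check. */
static bool record_fits_buggy(uint32_t payload_len, uint32_t buf_size)
{
    uint32_t total = HEADER_LEN + payload_len;   /* may wrap to a small value */
    return total <= buf_size;
}

/* Hardened: reject any length whose sum with the header would overflow,
 * then compare the (now trustworthy) total against the buffer size. */
static bool record_fits_checked(uint32_t payload_len, uint32_t buf_size)
{
    if (payload_len > UINT32_MAX - HEADER_LEN)   /* sum would overflow */
        return false;
    return HEADER_LEN + payload_len <= buf_size;
}

/* Copies the payload of one record into out_buf using the checked test.
 * Returns the number of payload bytes copied, or -1 if the record is rejected. */
static long parse_record(const uint8_t *rec, size_t rec_len,
                         uint8_t *out_buf, uint32_t out_size)
{
    if (rec_len < HEADER_LEN)
        return -1;
    uint32_t payload_len;
    memcpy(&payload_len, rec, sizeof payload_len);  /* host byte order (constructed) */
    if (!record_fits_checked(payload_len, out_size))
        return -1;                                  /* would overflow out_buf */
    if ((size_t)payload_len > rec_len - HEADER_LEN)
        return -1;                                  /* header claims more bytes than present */
    memcpy(out_buf, rec + HEADER_LEN, payload_len);
    return (long)payload_len;
}

/* Constructed well-formed record: length 3, payload "abc". Expected result: 3. */
static long demo_parse_good(void)
{
    uint8_t rec[HEADER_LEN + 3];
    uint8_t out[64];
    uint32_t len = 3;
    memcpy(rec, &len, sizeof len);
    memcpy(rec + HEADER_LEN, "abc", 3);
    return parse_record(rec, sizeof rec, out, sizeof out);
}

/* Constructed record whose length field wraps when the header is added.
 * The checked parser must reject it. Expected result: -1. */
static long demo_parse_wrapping(void)
{
    uint8_t rec[HEADER_LEN + 3];
    uint8_t out[64];
    uint32_t len = UINT32_MAX - 2u;
    memcpy(rec, &len, sizeof len);
    memcpy(rec + HEADER_LEN, "abc", 3);
    return parse_record(rec, sizeof rec, out, sizeof out);
}

int main(void)
{
    uint32_t wrapping = UINT32_MAX - 2u;
    printf("buggy check accepts wrapping length:  %d\n", record_fits_buggy(wrapping, 64u));
    printf("checked version rejects it:           %d\n", !record_fits_checked(wrapping, 64u));
    printf("well-formed record, bytes copied:     %ld\n", demo_parse_good());
    printf("wrapping record, parse result:        %ld\n", demo_parse_wrapping());
    return 0;
}
```

The separation to notice: the wrap-around exists whether or not anyone feeds the parser a hostile length (the bug), it matters because the check it corrupts guards a memcpy (the vulnerability), and only a specific input turns it into something an attacker gains from (the exploit). The fix does not touch the copy at all; it removes the bug that made the guard unreliable.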
How Vulnerabilities are Exploited