Theory and Practice of Secure Systems

Course description

Reference

CS 380S - Theory and Practice of Secure Systems (54910)

Fall 2009

Software security

Design principles of secure systems

Reflections on Trusting Trust by Ken Thompson (Turing Award lecture)
Why Cryptosystems Fail by Anderson
Secure Programming for Linux and Unix HOWTO by Wheeler
Prudent Engineering Practice for Cryptographic Protocols by Abadi and Needham

Buffer overflow and other memory corruption exploits

Attacks and defenses

Smashing The Stack for Fun and Profit by Aleph One
Blended Attacks Exploits, Vulnerabilities and Buffer-Overflow Techniques in Computer Viruses by Chien and Szor
Bypassing Browser Memory Protection by Sotirov and Dowd
Exploiting Format String Vulnerabilities by scut / team teso
Basic Integer Overflows by blexim
w00w00 on Heap Overflows by Conover and w00w00 security team
Once Upon a free() by anonymous
Non-Control-Data Attacks Are Realistic Threats by Chen et al.
Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade by Cowan et al.
Defeating the Buffer Overflow Prevention Mechanism of Microsoft Windows 2003 Server by Litchfield
Leveraging the ActionScript Virtual Machine by Dowd
Return-Oriented Programming by Roemer et al.
On the Effectiveness of Address-Space Randomization by Shacham et al.

Runtime bounds checking

TIED, LibsafePlus: Tools for Runtime Buffer Overflow Protection by Avijit, Gupta, and Gupta
Backwards-Compatible Bounds Checking for Arrays and Pointers in C Programs by Jones and Kelly
A Practical Dynamic Buffer Overflow Detector by Ruwase and Lam
Backwards-compatible Array Bounds Checking for C with Very Low Overhead by Dhurjati and Adve

Static detection of buffer overflows

A First Step Towards Automatic Detection of Buffer Overrun Vulnerabilities by Wagner et al.
Buffer Overrun Detection using Linear Programming and Static Analysis by Ganapathy et al.
CSSV: Towards a Realistic Tool for Statically Detecting All Buffer Overflows in C by Dor, Rodeh, and Sagiv
CCured: Type-Safe Retrofitting of Legacy Code by Necula, McPeak, and Weimer

Isolation and code integrity

Efficient Software-Based Fault Isolation by Wahbe et al.
Control-Flow Integrity by Abadi et al.
XFI: Software Guards for System Address Spaces by Erlingsson et al.
Preventing Memory Error Exploits with WIT by Akritidis et al.
Leveraging Legacy Code to Deploy Desktop Applications on the Web by Douceur et al.
Native Client: A Sandbox for Portable, Untrusted x86 Native Code by Yee et al.

Concurrency attacks

Exploiting Concurrency Vulnerabilities in System Call Wrappers by Watson
Checking for Race Conditions in File Accesses by Bishop and Dilger
Dynamic Detection and Prevention of Race Conditions in File Accesses by Tsyrklevich and Yee
Fixing Races for Fun and Profit: How to abuse atime by Borisov et al.
Portably Solving File TOCTTOU Races with Hardness Amplification by Tsafrir et al.
Exploiting Unix File-System Races via Algorithmic Complexity Attacks by Cai, Gui, and Johnson

Intrusion detection

Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools by Garfinkel
Intrusion Detection via Static Analysis by Wagner and Dean
Formalizing Sensitivity in Static Analysis for Intrusion Detection by Feng et al.
Mimicry Attacks on Host-Based Intrusion Detection Systems by Wagner and Soto
A Practical Mimicry Attack Against Powerful System-Call Monitors by Parampalli, Sekar, and Johnson
A Virtual Machine Introspection Based Architecture for Intrusion Detection by Garfinkel and Rosenblum
Towards Application Security on Untrusted Operating Systems by Ports and Garfinkel

Analysis and verification of software

SASI Enforcement of Security Policies: A Retrospective by Erlingsson and Schneider
Setuid Demystified by Chen, Wagner, and Dean
Model Checking One Million Lines of C Code by Chen, Dean, and Wagner
EXE: Automatically Generating Inputs of Death by Cadar et al.
Verifying the Safety of User Pointer Dereferences by Bugrara and Aiken

Cross-site scripting, SQL injection, cross-site request forgery

Cross Site Scripting Explained by Klein
Advanced SQL Injection in SQL Server Applications by Anley
Static Detection of Security Vulnerabilities in Scripting Languages by Xie and Aiken
Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities by Jovanovic, Kruegel, and Kirda
Sound and Precise Analysis of Web Applications for Injection Vulnerabilities by Wassermann and Su
Cross-Site Request Forgeries: Exploitation and Prevention by Zeller and Felten
Robust Defenses for Cross-Site Request Forgery by Barth, Jackson, and Mitchell

Web browser security

Beware of Finer-Grained Origins by Jackson and Barth
Pretty-Bad-Proxy: An Overlooked Adversary in Browsers' HTTPS Deployments by Chen et al.
Securing Frame Communication in Browsers by Barth, Jackson, and Mitchell
Protecting Browsers from DNS Rebinding Attacks by Jackson et al.
Protecting Browser State from Web Privacy Attacks by Jackson et al.
Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense by Barth, Weinberger, and Song
Secure Web Browsing with the OP Web Browser by Grier, Tang, and King

Information flow control

A Note on the Confinement Problem by Lampson
A Model for Decentralized Information Flow Control by Myers and Liskov
Language-Based Information-Flow Security by Sabelfeld and Myers
Making Information Flow Explicit in HiStar by Zeldovich et al.
Information Flow Control for Standard OS Abstractions by Krohn et al.

Timing attacks

Timing Attacks on Implementations of Diffi-Hellman, RSA, DSS, and Other Systems by Kocher
Remote Timing Attacks Are Practical by Brumley and Boneh
Timing Analysis of Keystrokes and Timing Attacks on SSH by Song, Wagner, and Tian

Privacy and secure multi-party computation

Tutorials (by Goldreich)

Foundations of Cryptography
Zero-Knowledge
Secure Multi-Party Computation
See also A Proof of Yao's Protocol for Secure Two-Party Computation by Lindell and Pinkas

Database privacy

Security-Control Methods for Statistical Databases: A Comparative Study by Adam and Worthmann
Privacy-Preserving Data Mining by Agrawal and Srikant
On the Design and Quantification of Privacy Preserving Data Mining Algorithms by Agrawal and Aggarwal
Limiting Privacy Breaches in Privacy Preserving Data Mining by Evfimievski, Gehrke, and Srikant
Auditing Boolean Attributes by Kleinberg, Papadimitriou, and Raghavan
Simulatable Auditing by Kenthapadi, Mishra, and Nissim
Revealing Information While Preserving Privacy by Dinur and Nissim
Differential Privacy by Dwork
An Ad Omnia Approach to Defining and Achieving Private Data Analysis by Dwork
Differential Privacy: A Survey of Results by Dwork
Calibrating Noise to Sensitivity in Private Data Analysis by Dwork et al.
Differentially Private Recommender Systems: Building Privacy into the Netflix Prize Contenders by McSherry and Mironov