Secure Software Programming and Vulnerability Analysis
(183.159 Sichere Software und Quellcodeanalyse)
Abstract
The importance of computer systems and their increasing
inter-connectivity are well known today. As more software is
exposed to a growing number of (often anonymous) users, the
number of exploits of software vulnerabilities is rising. These
vulnerabilities seriously threaten the correct functionality of
software systems and the people who depend on these systems.
This class introduces students to common programming errors. The
aim is to understand, identify and, ultimately, to avoid such
mistakes and produce more reliable, secure software. Examples
are used to highlight general error classes, such as stack
overflow and format string vulnerabilities. In addition, the
complete software development cycle is analyzed to find ways to
design more secure and more robust software. The lecture is
intended for students with programming experience who want to
improve their skills in implementing more secure programs.
News
- Grades are available
- Written exam will be held on Wednesday, 23.06.04, 17.15 - 18.45 st.
- Backup class on Thursday, 03.06.04, 13.00 - 14.00 st. at
Seminarraum E183-1, Treitlstr. 3, 4.Stock
- No class on Monday, 24.05.04
- No class on Monday, 26.04.04
Grades
The total points for this class are calculated as the sum of the
points awarded for the talk (25 points) and the points achieved
at the written exam (up to 75 points). The final grade is
determined from these points using the following table.
Points | Grade |
90-100 | Sehr gut (1) |
80-89 | Gut (2) |
70-79 | Befriedigend (3) |
50-69 | Genuegend (4) |
0-49 | Nicht genuegend (5) |
Until the end of July, you can improve your grade with an oral
exam. Please send me an email if you want to use this
option. Also, the written exams can be reviewed (Einsichtnahme)
at any time after sending me an email. Please note that grades will
be final by the end of July.
Matrikelnummer | Exam | Talk | Total Points | Grade |
9027972 | 69 | 25 | 94 | 1 |
9825055 | 75 | 25 | 100 | 1 |
9925248 | 75 | 25 | 100 | 1 |
0025230 | 68 | 25 | 93 | 1 |
0025313 | 66 | 25 | 91 | 1 |
0025546 | 75 | 25 | 100 | 1 |
0027599 | 75 | 25 | 100 | 1 |
0125096 | 55 | 25 | 80 | 2 |
0225106 | 55 | 25 | 80 | 2 |
0225494 | 47 | 25 | 72 | 3 |
0225692 | 58 | 25 | 83 | 2 |
0225818 | 71 | 25 | 96 | 1 |
0326055 | 58 | 25 | 83 | 2 |
0327038 | 31 | 25 | 56 | 4 |
Topics
- Linux and Unix Security Features
- Input Validation
- Buffer Overflows
- Race Conditions
- Cryptography and Authentication
- Software Engineering Principles for Secure Code
Organization
The lecture is held as a block course and will start after the Easter
holidays. The course starts with a preliminary discussion on
Monday, 19th April at 2 p.m. sharp in HS 13 Ernst Melan. Regular
classes will be held on Mondays from 2 p.m. to 3 p.m. and on
Wednesdays from 5 p.m. to 6 p.m. at the same location.
What | When | Where |
Preliminary Discussion | Monday, 19th April 2004, 14.00 st. | HS 13 Ernst Melan |
Lectures | Monday, 14.00 - 15.00 st. | HS 13 Ernst Melan |
| Wednesday, 17.00 - 18.00 st. | HS 13 Ernst Melan |
Slides
- Introduction (pdf)
- Unix and TCP/IP Tutorial (pdf)
- Architecture (pdf)
- Input Validation (pdf)
- Race Conditions (pdf)
- Buffer Overflows (pdf)
- Heap Overflows and Format String Vulnerabilities (pdf)
- Testing and Auditing (pdf)
- Operations and Denial of Service (pdf)
Paper Discussion
Date | Topic | Papers | People |
Wed 05.05.04 | Architecture and Privilege Separation | Preventing Privilege Escalation | Szydlowski, M. |
| | A Secure Environment for Untrusted Helper Applications | Froihofer, L. |
Wed 12.05.04 | Input Validation | Chapter 3, 5, and 6 of A Survey of Prevention Techniques against SQL Injection | Stejskal, M. |
| | Cross Site Scripting Explained | Melbinger, S. |
| | | Schanes, C. |
Wed 19.05.04 | Race Conditions | Checking for Race Conditions in File Accesses | Kittel, G. |
| | Chapter 1, 2, and 3 of Eraser: A Dynamic Data Race Detector for Multithreaded Programs | Koegler, M. |
Wed 02.06.04 | Stack Overflow | Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade | Egele, M. |
| | Advanced return-into-lib(c) exploits (PaX case study) | Jauernig, M. |
| | | Maierhofer, A. |
Mon 07.06.04 | Heap Overflow | Advanced Doug Lea's malloc exploits | Zendel, O. |
| | | Bulla, J. |
Mon 14.05.04 | Source Code Auditing | Using Programmer-Written Compiler Extensions to Catch Security Holes | Gmeiner, K. |
| | MOPS: an Infrastructure for Examining Security Properties of Software | Timmel, P. |
Mon 21.05.04 | Administration and Denial of Service | Practical Network Support for IP Traceback | Irlacher, M. |
| | Inferring Internet Denial-of-Service Activity | Schwarz, C. |
| | | Strommer, M. |