CSE509: Computer System Security, Spring 2023
Schedule
Recommended reading material is listed under each lecture.
Tue 1/24
Introduction and Basic Concepts
slides
Why Offensive Security Needs Engineering Textbooks
Thu 1/26
Ethics
slides
About Penetration Testing
Markets for Zero-Day Exploits: Ethics and Implications
Cybercrime: An Overview of the Federal Computer Fraud and Abuse Statute and Related Federal Criminal Laws
Project Zero: Policy and Disclosure: 2021 Edition
Tue 1/31
Threat Landscape and Basic Security Principles
slides
The Protection of Information in Computer Systems
Thu 2/2
Policy, Models, and Trust
slides
Reflections on Trusting Trust
Tue 2/7
Operating System Security Primitives and Principles
slides
Multics Security Evaluation: Vulnerability Analysis
Thirty Years Later: Lessons from the Multics Security Evaluation
Thu 2/9
Software Vulnerabilities
slides
Low-level Software Security: Attacks and Defenses
OWASP: Vulnerabilities
Heap Exploitation Part 1: Understanding the Glibc Heap Implementation
Format String Attacks
Vudo malloc tricks
Once upon a free()...
Basic Integer Overflows
Tue 2/14
Memory Corruption: Code Injection
slides part 1
slides part 2
Smashing The Stack For Fun And Profit
Tao of Windows Buffer Overflow
The Internet Worm Program: An Analysis
Crash course on buffer overflows by the 10K Students initiative
Using GDB to Develop Exploits - A Basic Run Through
Thu 2/16
Memory Corruption: Code Reuse
slides
Getting around non-executable stack (and fix)
non-exec stack
The advanced return-into-lib(c) exploits: PaX case study
x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique
Return-Oriented Programming: Systems, Languages, and Applications
Tue 2/21
Vulnerability Discovery
slides
Fuzz Testing of Application Reliability
Evaluating Fuzz Testing
The Fuzzing Book: Tools and Techniques for Generating Software Tests
Awesome Fuzzing
American Fuzzy Lop
SoK: Sanitizing for Security
Undefined Behavior in 2017
Static Source Code Analysis Tools for C
Automated vulnerability auditing in machine code
Dynamic Program Analysis and Software Exploitation: From the crash to the exploit code
Cyber Grand Shellphish
Thu 2/23
Exploit Mitigations
slides
StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks
Documentation for the PaX project
Scraps of notes on remote stack overflow exploitation
Bypassing StackGuard and StackShield
Control-flow Integrity: Principles, Implementations, and Applications
Just-In-Time Code Reuse: On the Effectiveness of Fine-Grained Address Space Layout Randomization
SoK: Eternal War in Memory
Exploitation Mitigations
Mitigating Software Vulnerabilities
Windows 10 Mitigation Improvements
Tue 2/28
Symmetric Key Cryptography
slides
Handbook of Applied Cryptography
The Joy of Cryptography
A Graduate Course in Applied Cryptography
Crypto 101
How (not) to use symmetric encryption
An Empirical Study of Cryptographic Misuse in Android Applications
Thu 3/2
Public Key Cryptography
slides
Applied Crypto Hardening
WhatsApp Encryption Overview
ECDSA: The digital signature algorithm of a better internet
The Matasano Crypto Challenges
Tue 3/7
Authentication
slides
A Framework for Comparative Evaluation of Web Authentication Schemes
Dos and Don’ts of Client Authentication on the Web
Designing an Authentication System: a Dialogue in Four Scenes
zxcvbn
Thu 3/9
Midterm
Tue 3/14
No Class: Spring Recess
Thu 3/16
No Class: Spring Recess
Tue 3/21
Authentication
slides
Thu 3/23
Reverse Engineering
slides
Introduction to Reverse Engineering Win32 Applications
Reverse Engineering for Beginners
How main() is executed on Linux
Reverse Engineering Challenges
System V Application Binary Interface
Malware-Analysis-Training
angr
(State of) The Art of War: Offensive Techniques in Binary Analysis
Tue 3/28
Reverse Engineering
slides
Thu 3/30
Post-exploitation
slides
Remote Exec
Attacking NTLM with Precomputed Hashtables
Post Exploitation Using Meterpreter
Windows Privilege Escalation Fundamentals
Active Directory Attacks
Active Directory Kill Chain Attack & Defense
Hack Back! A DIY Guide
Tue 4/4
Malware
slides
The Art of Computer Virus Research and Defense
How to 0wn the Internet in Your Spare Time
Manufacturing Compromise: The Emergence of Exploit-as-a-Service
Evasive Malware Exposed and Deconstructed
The Inside Story Behind MS08-067
NTIllusion: A portable Win32 userland rootkit
A Catalog of Windows Local Kernel-mode Backdoor Techniques
Thu 4/6
No Class
Tue 4/11
Container Security (Guest lecture by Hamed Ghavamnia)
Thu 4/13
Malware: Incidents
slides
W32.Stuxnet Dossier
Stuxnet 0.5: The Missing Link
W32.Duqu: The precursor to the next Stuxnet
THE DUQU 2.0: Technical Details
Tue 4/18
Intrusion Detection
slides
Bro: A System for Detecting Network Intruders in Real-Time
Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection
The Base-Rate Fallacy and its Implications for the Difficulty of Intrusion Detection
Outside the Closed World: On Using Machine Learning For Network Intrusion Detection
Thu 4/20
Social Engineering
slides
Social Phishing
Interface Illusions
Phishing in Organizations: Findings from a Large-Scale and Long-Term Study
The Social Engineering Framework
Advanced social engineering attacks
People Hacking: The Psychology of Social Engineering
Tue 4/25
Web Security (slides on Piazza - courtesy of Nick Nikiforakis)
App Isolation: Get the Security of Multiple Browsers with Just One
Robust Defenses for Cross-Site Request Forgery
One-Way Web Hacking
CGI Security Holes
NT Web Technology Vulnerabilities
Perl CGI problems
Thu 4/27
Privacy
slides
Detecting and Defending Against Third-Party Tracking on the Web
Adnostic: Privacy Preserving Targeted Advertising
Privacy-Preserving Social Plugins
Cookieless Monster: Exploring the Ecosystem of Web-based Device Fingerprinting
Personal Safety User Guide for Apple devices
Tue 5/2
Anonymity
slides
Tor: The Second-Generation Onion Router
Detecting Traffic Snooping in Tor Using Decoys
A Survey of Worldwide Censorship Techniques
Everything Old is New Part 2: Why Online Anonymity Matters
Thu 5/4
Physical Security
slides
Notes on Picking Pin Tumbler Locks
RFID Hacking
Hacking deeper in the system
State Considered Harmful
Apple Platform Security
Security in ChromeOS