1 / 4

Software Security Lecture 9

Software Security Lecture 9. Fang Yu Dept. of MIS, National Chengchi University Spring 2011. Project Proposal Due. Your project proposal (two pages) is due today. Anthony Cimo , Alexis Kirat , Kuan -Ming Chen and I-Yang Dong

gilead
Download Presentation

Software Security Lecture 9

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Software SecurityLecture 9 Fang Yu Dept. of MIS, National Chengchi University Spring 2011

  2. Project Proposal Due • Your project proposal (two pages) is due today. • Anthony Cimo, Alexis Kirat, Kuan-Ming Chen and I-Yang Dong • JuiletteMaxime Lessing, Hsing Huang and Chen-Yi Yang • Jorinavan Malsen,  Eric Huang and Ruei-Chen Dai • Adam Fremd, Vincent Liou and Ruei-Jiun Liang

  3. Outline Today, we will have Steven presenting Attacking Application Architecture (Chapter 16), I-Yangpresenting Attacking Web Server(Chapter 17) We will also have Ruei-Jiunlead the discussion on the paper: A Symbolic Execution Framework for Java Script, S&P 2010 (UC Berkely). You can find the slides here: http://www.cs.berkeley.edu/~prateeks/papers/kudzu.ppt

  4. Next Week • We will have Chen Yi presenting the last book chapter: Detect Vulnerabilities in Source Code (Chapter 18) • We will also have two paper presentations: • Kuan-Ming leads the discussion: Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code. (Security lab@UCSB) You can find the tool Wepawet here. http://wepawet.iseclab.org/ • Eric leads the discussion on: Toward Automated Detection of Logic Vulnerabilities in Web Applications. (Security lab@UCSB)

More Related