40 likes | 184 Views
Software Security Lecture 9. Fang Yu Dept. of MIS, National Chengchi University Spring 2011. Project Proposal Due. Your project proposal (two pages) is due today. Anthony Cimo , Alexis Kirat , Kuan -Ming Chen and I-Yang Dong
E N D
Software SecurityLecture 9 Fang Yu Dept. of MIS, National Chengchi University Spring 2011
Project Proposal Due • Your project proposal (two pages) is due today. • Anthony Cimo, Alexis Kirat, Kuan-Ming Chen and I-Yang Dong • JuiletteMaxime Lessing, Hsing Huang and Chen-Yi Yang • Jorinavan Malsen, Eric Huang and Ruei-Chen Dai • Adam Fremd, Vincent Liou and Ruei-Jiun Liang
Outline Today, we will have Steven presenting Attacking Application Architecture (Chapter 16), I-Yangpresenting Attacking Web Server(Chapter 17) We will also have Ruei-Jiunlead the discussion on the paper: A Symbolic Execution Framework for Java Script, S&P 2010 (UC Berkely). You can find the slides here: http://www.cs.berkeley.edu/~prateeks/papers/kudzu.ppt
Next Week • We will have Chen Yi presenting the last book chapter: Detect Vulnerabilities in Source Code (Chapter 18) • We will also have two paper presentations: • Kuan-Ming leads the discussion: Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code. (Security lab@UCSB) You can find the tool Wepawet here. http://wepawet.iseclab.org/ • Eric leads the discussion on: Toward Automated Detection of Logic Vulnerabilities in Web Applications. (Security lab@UCSB)