Software Security, Lecture 0
Fang Yu, Dept. of MIS, National Chengchi University, Spring 2011

Software Security
Instructor: Fang Yu
Office: 150409
Weekly Meeting on Tuesday 9:00-12:00
Errors and Failures
• Software is developed by humans, and hence it is not perfect
• A human error may introduce a bug in the system
• When a bug gets triggered, it may generate a failure

Security Bugs and Failures
• A security bug is also called a vulnerability
• When a vulnerability gets triggered (exploited), it may generate a security failure (a violation of the security policy) and compromise the system

Security Analysis
• Security analysis is the process of determining the security posture of a system
• It answers the question: is the system vulnerable with respect to the known vulnerabilities?
About this course
• We will focus on Web application security and static analysis techniques
• You will
  • Learn how to identify and detect vulnerabilities in web applications
  • Learn how to exploit vulnerabilities in web applications
  • Learn how to remove vulnerabilities and how to prevent exploits of vulnerabilities in web applications

Main topics
• Web Application Security (8-10 weeks)
  • What are the most common vulnerabilities in web applications?
  • Common Vulnerabilities and Exposures (CVE)
  • OWASP
• Static Analysis Techniques (2-4 weeks)
  • (Automatic) Code Review
  • Taint analysis
  • String analysis
• Advanced Issues/Techniques/Tools (3-5 weeks)
  • Selected Papers/Tools
Text books
• The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
  • By Dafydd Stuttard and Marcus Pinto, Wiley Publishing, Inc., 2007
  • 全華圖書 02-22625666
• Secure Programming with Static Analysis
  • By Brian Chess and Jacob West, Addison-Wesley Professional, 2007

Selected Papers
• Prateek Saxena, Devdatta Akhawe, Steve Hanna, Feng Mao, Stephen McCamant, Dawn Song. "A Symbolic Execution Framework for JavaScript." In Proc. of the 31st IEEE Symposium on Security & Privacy (Oakland 2010)
• M. Cova, C. Kruegel, and G. Vigna. "Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code." In Proc. of the World Wide Web Conference (WWW 2010)
• Prateek Saxena, Steve Hanna, Pongsin Poosankam, Dawn Song. "FLAX: Systematic Discovery of Client-side Validation Vulnerabilities in Rich Web Applications." In Proc. of the 17th Network and Distributed System Security Symposium (NDSS 2010)
• V. Felmetsger, L. Cavedon, C. Kruegel, and G. Vigna. "Toward Automated Detection of Logic Vulnerabilities in Web Applications." In Proc. of the USENIX Security Symposium, Washington, 2010
• Gary Wassermann and Zhendong Su. "Static Detection of Cross-site Scripting Vulnerabilities." In Proc. of the 30th International Conference on Software Engineering (ICSE 2008)
• Yichen Xie and Alex Aiken. "Static Detection of Security Vulnerabilities in Scripting Languages." In Proc. of the 15th USENIX Security Symposium (USENIX 2006)
Some Related Tools
• Stranger
  • a string analysis tool for PHP
  • http://www.cs.ucsb.edu/~vlab/stranger
  • we are working on a web-based version
• Java String Analyzer
  • a string analysis tool for Java
  • http://www.brics.dk/JSA/
Course Requirement
• Select a chapter* of the Hacker's Handbook to present
• Select a paper* to present
• Select a tool and find an application to analyze
*Send me your topics as soon as you decide (first come, first served)

Grade Policy
• None of you will be failed
• Participation 10%
• Chapter and Paper Presentations 40%
• Term paper 50%

Beyond the technical issues...
• A comfortable environment for you to practice English
• Don't hesitate to ask questions
• Feel free to drop by my office