CSCE 548 Secure Software Development Final Exam Review



    1. CSCE 548 Secure Software Development Final Exam – Review

    2. Project – Final Report
       Electronic submission: April 25, 5:00 pm
       Hard copy: April 25, 2010, 5:30 pm
       CSCE 548 - Farkas

    3. Final Project Format
       Title
       Author
       Abstract (what you did in this paper)
       1. Introduction
       2. Related work
       3. Background information
       4. Current research/development
       5. Conclusions and Future Work
       6. Group members' contributions
       References

    4. Final Exam

    5. Reading
       McGraw, Software Security: Chapters 1 – 9, 12
       19 Deadly Sins:
       - Chapter 1: Buffer overruns
       - Chapter 2: Format string problems
       - Chapter 3: Integer overflows
       - Chapter 4: SQL injection
       - Chapter 6: Failure to handle errors
       - Chapter 7: Cross-site scripting
       - Chapter 13: Information leakage
       - Chapter 14: Improper file access

    6. Non-Textbook Reading
       NEW:
       - Secure Design Patterns, Software Engineering Institute, Carnegie Mellon, www.cert.org/archive/pdf/09tr010.pdf
       OLD:
       - T. Lodderstedt et al., SecureUML: A UML-Based Modeling Language for Model-Driven Security, http://kisogawa.inf.ethz.ch/WebBIB/publications-softech/papers/2002/0_secuml_uml2002.pdf
       - B. Littlewood, P. Popov, L. Strigini, "Modelling software design diversity - a review", ACM Computing Surveys, Vol. 33, No. 2, June 2001, pp. 177-208, http://portal.acm.org/citation.cfm?doid=384192.384195
       - I. Alexander, Misuse Cases: Use Cases with Hostile Intent, IEEE Software, vol. 20, no. 1, pp. 58-66, Jan./Feb. 2003, http://www.computer.org/portal/web/csdl/doi/10.1109/MS.2003.1159030
       - B. Schneier, Schneier on Security, http://schneier.com/blog/archives/2007/05/is_penetration.html
       - P. Meunier, Classes of Vulnerabilities and Attacks, Wiley Handbook of Science and Technology for Homeland Security, http://homes.cerias.purdue.edu/~pmeunier/aboutme/classes_vulnerabilities.pdf

    7. Final Exam
       April 25, 2012, 5:30 pm – 7:30 pm
       Room: 2A 15
       Closed book – 1 page cheat sheet

    8. 19 Deadly Sins (at the level of the presentations, focusing on the textbook)
       - Overview of the sin
       - Affected languages
       - How to detect?
       - Best practices

    9. Sample Questions – 19 Deadly Sins
       - Explain why casting operations may lead to integer overflows.
       - Why is it dangerous to use "gets" to read input in C/C++ code? Recommend an alternative.
       - What is the difference between attack patterns and a taxonomy of programming errors?
       - Indirect information flow may be created by inferences. Give an example of an unauthorized inference that cannot be controlled using traditional access control.
       - Show example code for SQL injection. Explain the security problem.
       - Why does a failed Windows impersonation create a security problem if it is not handled properly?
       - Show the binary representations of the decimal numbers +70 and +80. Show their addition using an 8-bit register.

    10. Sample Questions
       - Explain one way buffer overruns occur. Which languages are the most vulnerable?
       - Define covert and overt communication channels.
       - Explain the two stages of a buffer overrun attack.
       - Why do binary arithmetic operations on a computer sometimes yield results that differ from the result on paper? Give an example.
       - What type of access control does Windows support? Give a common access control mistake in a Windows environment.
       - Should stored data be protected by operating system security or by database management system security?
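The following C program is an added worked example, not part of the slides or the textbook. It answers the sample questions on casting and integer overflow (slide 9), the 8-bit register addition of +70 and +80 (slide 9), and the question about computer arithmetic differing from paper arithmetic (slide 10). The function names and the constructed lengths (0x10010, -1) are my own choices for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Render the low 8 bits of v, most significant bit first, e.g. 70 -> "01000110".
 * A small ring of static buffers lets several calls appear in one printf. */
static const char *bin8(unsigned v) {
    static char ring[4][9];
    static unsigned next;
    char *out = ring[next++ % 4];
    for (int i = 0; i < 8; i++)
        out[i] = (v & (0x80u >> i)) ? '1' : '0';
    out[8] = '\0';
    return out;
}

/* Add a and b the way an 8-bit register does: keep only the low 8 bits of the
 * sum (the carry out of bit 7 is lost) and read bit 7 as the sign bit.
 * On paper 70 + 80 = 150; in the register 150 has bit 7 set and reads as -106. */
static int add8_signed(int a, int b) {
    unsigned sum = ((unsigned)a + (unsigned)b) & 0xFFu;
    return (sum & 0x80u) ? (int)sum - 256 : (int)sum;
}

/* The same register contents interpreted as unsigned (0..255). */
static unsigned add8_unsigned(int a, int b) {
    return ((unsigned)a + (unsigned)b) & 0xFFu;
}

/* Casting problem 1: truncation. A 32-bit length stored in a 16-bit variable
 * keeps only the low 16 bits, so 0x10010 (65552) silently becomes 0x0010 (16). */
static uint16_t truncate_len(uint32_t len) {
    return (uint16_t)len;  /* an implicit assignment to a uint16_t does the same */
}

/* A bounds check made on the truncated length. Returns 1 when the check passes.
 * If the caller then copies the full `len` bytes, the buffer is overrun. */
static int truncated_check_passes(uint32_t len, size_t buf_size) {
    uint16_t n = (uint16_t)len;
    return n <= buf_size;
}

/* Casting problem 2: sign extension. Byte 0x80 read through a signed char becomes
 * -128 when widened to int (the conversion is implementation-defined by the C
 * standard; GCC, Clang and MSVC all wrap this way). A negative index or length
 * then follows. */
static int sign_extend_byte(unsigned char byte) {
    signed char c = (signed char)byte;
    return (int)c;
}

/* Casting problem 3: a negative signed length. `len < (int)buf_size` passes for
 * len == -1, but memcpy takes size_t, and (size_t)-1 is SIZE_MAX. */
static int negative_len_passes_check(int len, size_t buf_size) {
    return len < (int)buf_size;
}

static size_t len_as_seen_by_memcpy(int len) {
    return (size_t)len;
}

int main(void) {
    /* Worked 8-bit addition of +70 and +80. */
    printf("  %s  (+70)\n+ %s  (+80)\n= %s  -> %d as signed, %u as unsigned\n",
           bin8(70), bin8(80), bin8(add8_unsigned(70, 80)),
           add8_signed(70, 80), add8_unsigned(70, 80));
    /* Truncation: the check passes although 65552 bytes would be copied. */
    printf("len 0x%x truncated to 16 bits: %u; check against a 64-byte buffer %s\n",
           0x10010u, (unsigned)truncate_len(0x10010u),
           truncated_check_passes(0x10010u, 64) ? "passes" : "fails");
    /* Sign extension and negative lengths. */
    printf("byte 0x80 as signed char widened to int: %d\n", sign_extend_byte(0x80));
    printf("len -1: check %s, memcpy would copy %zu bytes\n",
           negative_len_passes_check(-1, 64) ? "passes" : "fails",
           len_as_seen_by_memcpy(-1));
    return 0;
}
```

The point to take into the exam is that every check here is correct on paper and wrong in the machine: the width of the register (8, 16 or 32 bits) throws away the carry or the high bits, and the signedness of the type decides how the remaining bits are read.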
