University of Cincinnati
 

20-CS-5156 - Security Vulnerability Assessment
Electrical Engineering & Computer Science

   
Lecture Material and Notes     Week
Legal and Ethical Issues    
    Ethical handling of security vulnerability publishing (JF slides)     14 Jan & 21 Jan
    Ethical handling of security vulnerability publishing     reference
    Nash Ethical Model     reference
    CMU CERT disclosure of security vulnerabilities     reference
    Software vulnerability reporting (U. Washington)     reference
    Vulnerability reporting (Coder's Rights Project)     reference
    Misuse of DMCA in DRM (Electronic Frontier Foundation)     reference
    Legal risks of vulnerability disclosure (Stanford Law School)     reference
    Legal example: MIT vs. MBTA (legal complaint)     reference
    Legal example: Cisco vs. Michael Lynn (BBC News)     reference
    Bruce Schneier - opinion     reference
    Google's "Project Zero" bug-finding program     reference
    Google discloses 0-day vulnerability in Windows 8.1     reference
 
Vulnerability Assessment
    Vulnerability Assessment and Classification (JF slides) 25-28 Jan
    Vulnerability Assessment (OWASP) Process (CK slides) reference
    Vulnerability Classification (CK slides) reference
    OWASP Risk Rating Methodology 25 Jan
    OWASP risk likelihood calculation example reference
    Microsoft Risk Rating Methodology 28 Jan
    Microsoft STRIDE classification 28 Jan
    Microsoft DREAD evaluation 28 Jan
    Mitre Popular Classification Taxonomies with Examples 28 Jan
    Comprehensive Information Security Standard (ISO) reference
 
Software and OS Vulnerabilities    
    Memory Corruption Vulnerabilities (CK Slides)     reference
    Memory Corruption Vulnerabilities (JF Slides)     1 Feb
    Code referenced in the above     1 Feb
    Memory Corruption Protection (JF Slides)     4 Feb
    Stack overflow example     reference
    Stack overflow example     reference
    Buffer overflow (non-Heap) example     reference
    Heap overflow     reference
    Return Oriented Programming     6 Feb
    Code referenced in above     6 Feb
    ROP example: 64-bit (amd64) vs. 32-bit (IA32)     reference
    Other Vulnerabilities (JF Slides)     8 Feb
    Code referenced in above     8 Feb
    Covert and subliminal channels     reference
 
Software and OS Design and Implementation    
Privilege escalation 11 Feb
Scripts for reconnaissance 11 Feb
Privilege Separation 11 Feb
Ubuntu AppArmor application confinement reference
Ubuntu AppArmor guides reference
Multiple Independent Levels of security 15 Feb
A protection profile for separation kernels 15 Feb
Auditing 15 Feb
Sample incident response plan 15 Feb
 
Language Design Issues    
    Integers in C and Java     18 Feb
    Code for the above     18 Feb
    Type conversion     20 Feb
    Types code for the above     20 Feb
    Pointer considerations     22 Feb
    Pointer code for the above     22 Feb
    Signals     22 Feb
    Code for signal vulnerabilities above     22 Feb
    String considerations     -- Feb
    Code for strings     -- Feb
    Other vulnerabilities     22 Feb
    Code for other vulnerabilities     22 Feb
    Vulnerabilities of the top 10 languages reference
    Programming language vulnerability stats reference
    CERT secure coding database - C language reference
 
Network and Protocol Vulnerabilities    
Virus and worm propagation     25 Feb
Security of data in the cloud     27 Feb
Homomorphic encryption implementation     reference
Homomorphic encryption outline     reference
Deduplication and side channel attacks     reference
Deduplication and attacks in sandboxed javascript     reference
Security of deduplication in a virtualized environment     reference
Worm propagation simulator from Princeton U.     25 Feb
The lab to try the simulator on     reference
Network File System     reference
Stateless vs. stateful protocols     reference
KDC protocol vulnerabilities     6 Mar
IPSec protocol vulnerabilities     reference
NTP vulnerabilities     reference
Reflection and replay attacks     4 Mar
Guest lecture by Leger on gdb     1 Mar
 
Network Attacks (IP, ICMP, Routing, TCP, Application)    
Denial of Service and Distributed Denial of Service 11 Mar
ARP poisoning 11 Mar
Distance vector routing 11 Mar
Ping flood and Syn flood 11 Mar
Padding oracle attacks on CBC transmission 13 Mar
SSL/TLS BEAST attack 13 Mar
SSL/TLS Bar Mitzvah attack 13 Mar
SSL/TLS RC4 Downgrade attack 13 Mar
Man-in-the-Browser (SANS) reference
 
Intrusion and Anomaly Detection and Prevention    
Tools
Honeypots
Firewalls and firewall rules
Bro log variables
 
Hardware and Architecture Vulnerabilities and Attacks    
    Hardware attacks (InfoSec Institute)     reference
Side-channel attacks (Franco's notes) 25-29 Mar
Countermeasures reference
Hardware attack detection, prevention (Franco's Notes) 1,3 Apr
Stealthy dopant-level hardware trojans reference
Hardware involved software attacks reference
 
Android Vulnerabilities    
Popular Android exploits and what makes them possible 3,5 Apr
Which is more secure? How is the security culture different? 5 Apr
 
Configuration Vulnerabilities    
Configuration errors
Reverse Turing test    
Effect of scale and complexity on configuration management    
 
User Interfaces and Human Factors    
Social engineering    
Social engineering (Whatis.com)    
Social engineering - phishing (Whatis.com)    
Social engineering - pretexting (Whatis.com)    
Social engineering - spam (Whatis.com)    
Social engineering - spear phishing (Whatis.com)    
Social engineering - penetration testing (Whatis.com)    
Social engineering - web-based attacks (techtarget.com)    
Social engineering - how to prevent SE attacks    
Social engineering - awareness to prevent attacks    
Social Engineer Toolkit    
 
Application Security and Malfeasance Detection    
Overview - JF slides
Code
Manual for above
Digital Rights Management
Watermarking
Steganography
Fraud in E-commerce
Reputation systems
SPAM
 