University of Cincinnati

20-CS-6056 - Security Vulnerability Assessment
Electrical Engineering & Computer Science

Lecture Material and Notes Week
Legal and Ethical Issues    
    Ethical handling of security vulnerability publishing (JF slides)     13 Jan
    Microsoft Woes     13 Jan
          Notes from Zaina's presentation (thanks Zaina)     13 Jan
          Windows 10 is in trouble (thanks Noah)     13 Jan
          Zowie - the NSA publishes disclosure? (thanks Noah)     13 Jan
    Ethical handling of security vulnerability publishing     reference
    Nash Ethical Model     reference
    CMU CERT disclosure of security vulnerabilities     reference
    Software vulnerability reporting (U. Washington)     reference
    Vulnerability reporting (Coder's Rights Project)     reference
    Misuse of DMCA in DRM (Electronic Frontier Foundation)     reference
    Legal risks of vulnerability disclosure (Stanford Law School)     reference
    Legal example: MIT vs. MBTA (legal complaint)     reference
    Legal example: Cisco vs. Michael Lynn (BBC News)     reference
    Bruce Schneier - opinion     reference
    Google's "Project Zero" bug-finding program     reference
    Google discloses 0-day vulnerability in Windows 8.1     reference
Vulnerability Assessment
    Vulnerability Assessment and Classification (JF slides) 20 Jan
    Vulnerability Assessment (OWASP) Process (CK slides) reference
    Vulnerability Classification (CK slides) reference
    OWASP Risk Rating Methodology (temporarily messed up) -X- Jan
    OWASP Risk Rating Methodology (slides) 20 Jan
    OWASP risk likelihood calculation example reference
    Microsoft Risk Rating Methodology 27 Jan
    Microsoft STRIDE classification 27 Jan
    Microsoft DREAD evaluation 27 Jan
    Mitre Popular Classification Taxonomies with Examples 27 Jan
    Comprehensive Information Security Standard (ISO) reference
    Much more on information security standards from Zaina 27 Jan
Software and OS Vulnerabilities    
    Memory Corruption Vulnerabilities (CK Slides)     reference
    Memory Corruption Vulnerabilities (JF Slides)     27 Jan
    Selected code referenced in the above     27 Jan
    Memory Corruption Protection (JF Slides)     27 Jan
    Stack overflow example     reference
    Stack overflow example     reference
    Buffer overflow (non-Heap) example     reference
    Heap overflow     reference
    Return Oriented Programming     27 Jan
    Code referenced in above     27 Jan
    ROP example: 64-bit (amd64) vs. 32-bit (IA32)     reference
    Other Vulnerabilities (JF Slides)     3 Feb
    Code referenced in above     3 Feb
    Covert and subliminal channels     reference
Software and OS Design and Implementation    
Privilege escalation 3 Feb
Scripts for reconnaissance 3 Feb
Privilege Separation 3 Feb
Ubuntu AppArmor application confinement reference
Ubuntu AppArmor guides reference
Multiple Independent Levels of security 10 Feb
A protection profile for separation kernels 10 Feb
Auditing 10 Feb
Sample incident response plan -- Feb
Language Design Issues    
    Integers in C and Java     10 Feb
    Code for the above     10 Feb
    Type conversion     17 Feb
    Types code for the above     17 Feb
    Pointer considerations     17 Feb
    Pointer code for the above     17 Feb
    Signals     24 Feb
    Code for signal vulnerabilities above     24 Feb
    String considerations     17 Feb
    Code for strings     17 Feb
    Other vulnerabilities     17 Feb
    Code for other vulnerabilities     17 Feb
    Vulnerabilities of the top 10 languages reference
    Programming language vulnerability stats reference
    CERT secure coding database - C language reference
Network and Protocol Vulnerabilities    
Virus and worm propagation     24 Feb
Security of data in the cloud     24 Feb
Homomorphic encryption implementation     reference
Homomorphic encryption outline     reference
Deduplication and side channel attacks     reference
Deduplication and attacks in sandboxed javascript     reference
Security of deduplication in a virtualized environment     reference
Worm propagation simulator from Princeton U.     24 Feb
The lab to try the simulator on     reference
Network File System     reference
Stateless vs. stateful protocols     reference
Cryptographic algorithms     2 Mar
   Diffie-Hellman Key Exchange     2 Mar
   RSA asymmetric key algorithm for encryption and signing     2 Mar
   AES symmetric key algorithm for encryption     2 Mar
   Hashing for encryption, integrity, authentication     2 Mar
KDC protocol vulnerabilities     2 Mar
IPSec protocol vulnerabilities     reference
NTP vulnerabilities     reference
Reflection and replay attacks     2 Mar
Network Attacks (IP, ICMP, Routing, TCP, Application)    
Denial of Service and Distributed Denial of Service -- Mar
ARP poisoning -- Mar
Distance vector routing -- Mar
Ping flood and Syn flood -- Mar
Padding oracle attacks on CBC transmission -- Mar
SSL/TLS BEAST attack -- Mar
SSL/TLS Bar Mitzvah attack -- Mar
SSL/TLS RC4 Downgrade attack -- Mar
Man-in-the-Browser (SANS) reference
Intrusion and Anomaly Detection and Prevention    
Firewalls and firewall rules
Bro log variables
Hardware and Architecture Vulnerabilities and Attacks    
    Hardware attacks (InfoSec Institute)     reference
Side-channel attacks (Franco's notes) -- Mar
Countermeasures reference
Hardware attack detection, prevention (Franco's Notes) 1,3 Apr
Stealthy dopant-level hardware trojans reference
Hardware involved software attacks reference
Android Vulnerabilities    
Popular Android exploits and what makes them possible -- Apr
Which is more secure? How is the security culture different? -- Apr
Configuration Vulnerabilities    
Configuration errors
Reverse Turing test    
Effect of scale and complexity on configuration management    
User Interfaces and Human Factors    
Social engineering    
Social engineering (    
Social engineering - phishing (    
Social engineering - pretexting (    
Social engineering - spam (    
Social engineering - spear phishing (    
Social engineering - penetration testing (    
Social engineering - web-based attacks (    
Social engineering - how to prevent SE attacks    
Social engineering - awareness to prevent attacks    
Social Engineer Toolkit    
Application Security and Malfeasance Detection    
Overview - JF slides
Manual for above
Digital Rights Management
Fraud in E-commerce
Reputation systems