
20-CS-6056 - Security Vulnerability Assessment
Electrical Engineering & Computer Science

Lecture Material and Notes Week
Legal and Ethical Issues    
    Ethical handling of security vulnerability publishing (JF slides)     13 Jan
    Microsoft Woes     13 Jan
          Notes from Zaina's presentation (thanks Zaina)     13 Jan
          Windows 10 is in trouble (thanks Noah)     13 Jan
          Zowie - the NSA publishes disclosure? (thanks Noah)     13 Jan
    Ethical handling of security vulnerability publishing     reference
    Nash Ethical Model     reference
    CMU CERT disclosure of security vulnerabilities     reference
    Software vulnerability reporting (U. Washington)     reference
    Vulnerability reporting (Coder's Rights Project)     reference
    Misuse of DMCA in DRM (Electronic Frontier Foundation)     reference
    Legal risks of vulnerability disclosure (Stanford Law School)     reference
    Legal example: MIT vs. MBTA (legal complaint)     reference
    Legal example: Cisco vs. Michael Lynn (BBC News)     reference
    Bruce Schneier - opinion     reference
    Google's "Project Zero" bug-finding program     reference
    Google discloses 0-day vulnerability in Windows 8.1     reference
Vulnerability Assessment
    Vulnerability Assessment and Classification (JF slides)     -- Jan
    Vulnerability Assessment (OWASP) Process (CK slides)     reference
    Vulnerability Classification (CK slides)     reference
    OWASP Risk Rating Methodology     -- Jan
    OWASP risk likelihood calculation example     reference
    Microsoft Risk Rating Methodology     -- Jan
    Microsoft STRIDE classification     -- Jan
    Microsoft DREAD evaluation     -- Jan
    Mitre Popular Classification Taxonomies with Examples     -- Jan
    Comprehensive Information Security Standard (ISO)     reference
Software and OS Vulnerabilities    
    Memory Corruption Vulnerabilities (CK Slides)     reference
    Memory Corruption Vulnerabilities (JF Slides)     -- Feb
    Code referenced in the above     -- Feb
    Memory Corruption Protection (JF Slides)     -- Feb
    Stack overflow example     reference
    Stack overflow example     reference
    Buffer overflow (non-Heap) example     reference
    Heap overflow     reference
    Return Oriented Programming     -- Feb
    Code referenced in above     -- Feb
    ROP example: 64-bit (amd64) vs. 32-bit (IA32)     reference
    Other Vulnerabilities (JF Slides)     -- Feb
    Code referenced in above     -- Feb
    Covert and subliminal channels     reference
Software and OS Design and Implementation    
    Privilege escalation     -- Feb
    Scripts for reconnaissance     -- Feb
    Privilege Separation     -- Feb
    Ubuntu AppArmor application confinement     reference
    Ubuntu AppArmor guides     reference
    Multiple Independent Levels of security     -- Feb
    A protection profile for separation kernels     -- Feb
    Auditing     -- Feb
    Sample incident response plan     -- Feb
Language Design Issues    
    Integers in C and Java     -- Feb
    Code for the above     -- Feb
    Type conversion     -- Feb
    Types code for the above     -- Feb
    Pointer considerations     -- Feb
    Pointer code for the above     -- Feb
    Signals     -- Feb
    Code for signal vulnerabilities above     -- Feb
    String considerations     -- Feb
    Code for strings     -- Feb
    Other vulnerabilities     -- Feb
    Code for other vulnerabilities     -- Feb
    Vulnerabilities of the top 10 languages     reference
    Programming language vulnerability stats     reference
    CERT secure coding database - C language     reference
Network and Protocol Vulnerabilities    
    Virus and worm propagation     -- Feb
    Security of data in the cloud     -- Feb
    Homomorphic encryption implementation     reference
    Homomorphic encryption outline     reference
    Deduplication and side channel attacks     reference
    Deduplication and attacks in sandboxed JavaScript     reference
    Security of deduplication in a virtualized environment     reference
    Worm propagation simulator from Princeton U.     -- Feb
    The lab to try the simulator on     reference
    Network File System     reference
    Stateless vs. stateful protocols     reference
    KDC protocol vulnerabilities     -- Mar
    IPSec protocol vulnerabilities     reference
    NTP vulnerabilities     reference
    Reflection and replay attacks     -- Mar
    Guest lecture by Leger on gdb     -- Mar
Network Attacks (IP, ICMP, Routing, TCP, Application)    
    Denial of Service and Distributed Denial of Service     -- Mar
    ARP poisoning     -- Mar
    Distance vector routing     -- Mar
    Ping flood and SYN flood     -- Mar
    Padding oracle attacks on CBC transmission     -- Mar
    SSL/TLS BEAST attack     -- Mar
    SSL/TLS Bar Mitzvah attack     -- Mar
    SSL/TLS RC4 Downgrade attack     -- Mar
    Man-in-the-Browser (SANS)     reference
Intrusion and Anomaly Detection and Prevention    
    Firewalls and firewall rules
    Bro log variables
Hardware and Architecture Vulnerabilities and Attacks    
    Hardware attacks (InfoSec Institute)     reference
    Side-channel attacks (Franco's notes)     -- Mar
    Countermeasures     reference
    Hardware attack detection, prevention (Franco's Notes)     1,3 Apr
    Stealthy dopant-level hardware trojans     reference
    Hardware involved software attacks     reference
Android Vulnerabilities    
    Popular Android exploits and what makes them possible     -- Apr
    Which is more secure? How is the security culture different?     -- Apr
Configuration Vulnerabilities    
Configuration errors
Reverse Turing test    
Effect of scale and complexity on configuration management    
User Interfaces and Human Factors    
Social engineering    
Social engineering (    
Social engineering - phishing (    
Social engineering - pretexting (    
Social engineering - spam (    
Social engineering - spear phishing (    
Social engineering - penetration testing (    
Social engineering - web-based attacks (    
Social engineering - how to prevent SE attacks    
Social engineering - awareness to prevent attacks    
Social Engineer Toolkit    
Application Security and Malfeasance Detection    
    Overview - JF slides
    Manual for above
    Digital Rights Management
    Fraud in E-commerce
    Reputation systems