Questões de Segurança em Engenharia de Software

2018/19

Mestrado em Segurança Informática
Departamento de Ciência de Computadores
Faculdade de Ciências da Universidade do Porto

Home | Lectures | Assignments | Exams | Piazza

Lectures

11. Jan. 3, 2019: Concurrency and security: the "time and state" pernitious kingdom; example vulnerabilities: race conditions involving processes, threads, and covert channels. Slides Slides Multithreaded program testing. Case study: the Cooperari system. Slides Slides

10. Dez. 13, 2018: discussion of project 2. Security-oriented testing (cont.)

Dez. 6, 2018: class cancelled, rescheduled to Jan. 3, 2019.

9. Nov. 29: Security-oriented-testing.
Discussion: the BSIMM activities for the security testing touchpoint. Slides Slides
Approaches for standard functional testing: graph-based coverage, input space partitioning, mutation testing, property-based testing. Slides Slides Java/JUnit examples (II) Java/JUnit testing examples (II)
Fuzz testing: use of randomisation and mutation techniques, black-box and white-box fuzzing, symbolic execution. Slides Slides

8. Nov. 22, 2018: Buffer overflows (conclusion). Software testing: fundamental notions. Test case, test failure, test requirement, and coverage criteria. Fault, error and failure. RIP conditions for test failure: reachability, infection, and propagation. Simple coverage criteria and their limitations: line, instruction and branch coverage. Coverage criteria subsumption. Slides Slides Java/JUnit examples Java/JUnit testing examples

7. Nov. 15, 2018: Buffer overflow vulnerabilities - part 2. Understanding function calls and the stack. Basic stack-smashing attacks in detail. Format-string vulnerabilities. Other stack-smashing attacks: return-to-libc, ROP chains. Memory protection measures: stack canaries, DEP/NX protection, address-space layout randomization (ASLR). Secure vs non-secure functions in the C library. Secure coding guidelines. Other compiler aids: fortified source code and runtime sanitizers. Source code analysis tools. Slides Slides C program examples C program examples

6. Nov. 8, 2018: Buffer overflow vulnerabilities - part 1. Introduction, types of buffer overflow, C language vulnerabilities, brief demo of stack-smashing attack (to cover in more detail during next class). Slides Slides C program examples C program examples

Nov. 1, 2018: holiday.

5. Oct. 25, 2018: Web application vulnerabilites (part 2): DOM-based XSS vulnerabilities. The DOM model, Javascript and the DOM, insecure features in the Javascript language and API, example vulnerabilities. Slides Slides Javascript examples Javascript examples
Wrap-up discussion on input validation. Notions of trust boundary, chokepoint, syntactic and semantic checks. Complementary techniques and input validation issues. Slides Slides

4. Oct. 18, 2018: Web-application specific vulnerabilities: cookie-related vulnerabilities, cross-site request forgery (CSRF), and cross-site scripting (XSS). Slides Slides

3. Oct. 11, 2018: Injection vulnerabilities: general description and attack pattern. The two most common injection vulnerabilities: OS command injection and SQL injection, and their detection, prevention, or mitigation. Brief reference to other types of injection vulnerabilities. Slides Slides

Oct. 4, 2018: No class (lecturer away on conference).

2. Sep. 27, 2018: The software development life-cycle (SDLC) and security touch points. Overview of the main security-oriented tasks in the SDLC. Small examples of code reviewing, testing, and pen-testing. Slides Slides

1. Sep. 20, 2018: Introduction to the QSES course: syllabus and assessment rules. Software engineering and security, an introduction: motivation, basic notions, common misconceptions and guiding principles. Slides Slides