Lectures
11. Jan. 3, 2019: Concurrency and security: the "time and state" pernicious kingdom; example vulnerabilities: race conditions involving processes, threads, and covert channels. Slides Multithreaded program testing. Case study: the Cooperari system. Slides
10. Dec. 13, 2018: discussion of project 2. Security-oriented testing (cont.)
Dec. 6, 2018: class cancelled, rescheduled to Jan. 3, 2019.
9. Nov. 29: Security-oriented testing.
Discussion: the BSIMM activities for the security testing touchpoint.
Slides
Approaches for standard functional testing: graph-based coverage,
input space partitioning, mutation testing, property-based testing.
Slides
Java/JUnit testing examples (II)
Fuzz testing: use of randomisation and mutation techniques, black-box and white-box fuzzing,
symbolic execution.
Slides
8. Nov. 22, 2018: Buffer overflows (conclusion). Software testing: fundamental notions. Test case, test failure, test requirement, and coverage criteria. Fault, error and failure. RIP conditions for test failure: reachability, infection, and propagation. Simple coverage criteria and their limitations: line, instruction and branch coverage. Coverage criteria subsumption. Slides Java/JUnit testing examples
7. Nov. 15, 2018: Buffer overflow vulnerabilities - part 2. Understanding function calls and the stack. Basic stack-smashing attacks in detail. Format-string vulnerabilities. Other stack-smashing attacks: return-to-libc, ROP chains. Memory protection measures: stack canaries, DEP/NX protection, address-space layout randomization (ASLR). Secure vs non-secure functions in the C library. Secure coding guidelines. Other compiler aids: fortified source code and runtime sanitizers. Source code analysis tools. Slides C program examples
6. Nov. 8, 2018: Buffer overflow vulnerabilities - part 1. Introduction, types of buffer overflow, C language vulnerabilities, brief demo of stack-smashing attack (to cover in more detail during next class). Slides C program examples
Nov. 1, 2018: holiday.
5. Oct. 25, 2018:
Web application vulnerabilities (part 2): DOM-based
XSS vulnerabilities. The DOM model, JavaScript and the DOM,
insecure features in the JavaScript language and API,
example vulnerabilities.
Slides
JavaScript examples
Wrap-up discussion on input validation.
Notions of trust boundary, chokepoint, syntactic and semantic checks.
Complementary techniques and input validation issues.
Slides
4. Oct. 18, 2018: Web-application specific vulnerabilities: cookie-related vulnerabilities, cross-site request forgery (CSRF), and cross-site scripting (XSS). Slides
3. Oct. 11, 2018: Injection vulnerabilities: general description and attack pattern. The two most common injection vulnerabilities: OS command injection and SQL injection, and their detection, prevention, or mitigation. Brief reference to other types of injection vulnerabilities. Slides
Oct. 4, 2018: No class (lecturer away on conference).
2. Sep. 27, 2018: The software development life-cycle (SDLC) and security touch points. Overview of the main security-oriented tasks in the SDLC. Small examples of code reviewing, testing, and pen-testing. Slides
1. Sep. 20, 2018: Introduction to the QSES course: syllabus and assessment rules. Software engineering and security, an introduction: motivation, basic notions, common misconceptions and guiding principles. Slides