COMPUTER SECURITY MIDTERM REVIEW, CS161, University of California Berkeley, April 4, 2012


1 COMPUTER SECURITY MIDTERM REVIEW, CS161, University of California Berkeley, April 4, 2012

2 Midterm Announcements
- Wednesday April 11 in class
- No cheat sheet
Material
1. Video Lectures: "Control hijacking attacks and defense (I)" until "Cross Site Scripting (31 min)" (Due Apr 3)
2. Labs 1-4
3. Required in-class lectures
   1. Mobile Security
   2. Program Analysis & Verification
4. Required crypto notes

3 Survey!
- Please fill out the surveys which we sent out over break!
- These help us improve the class.

4 CONTROL HIJACKING

5 Control Hijacking Attacks
- Buffer Overflows
- Heap Overflows
- Double Free
- Function Pointer Clobbering
- Arc Injection
- Format Strings

6 Control Hijacking Defenses
- Stack Canaries
- Address Randomization
- Executable Space Protection (W xor X)
- JMP target verification
- Return address stack

7 ISOLATION AND LEAST PRIVILEGE

8 Isolation and Least Privilege
- chroot
- Reference Monitor
- Software Fault Isolation
- Virtual Machines
- Process Isolation
- Capabilities
- Access Control
- Principle of Least Privilege
- Confinement Principle

9 MOBILE COMPUTING

10 Mobile Computing
- iOS/Android/Windows Phone 7 security models
- Isolation
- Privilege management

11 FUZZING AND PROGRAM ANALYSIS

12 Reasoning on programs
- Preconditions
- Postconditions
- Loop invariants
- Memory allocation and memory safety
  - When/how are variables allocated in the heap/stack?
  - When/how do access violations occur on read/write?
- Corner cases
  - Bitvector arithmetic
  - Type casting
  - Two's complement representation of signed variables

13 Program Analysis
- Program analysis
  - Soundness & Completeness of techniques
- Symbolic execution and dynamic symbolic execution
  - Generate path conditions through SSA conversion
  - Solving path constraints for input values
  - Negation of branch conditions to go explore new paths
  - Merging branch conditions into path constraints in purely static analysis
- Fuzzing
  - whitebox and blackbox

14 TRUSTED COMPUTING AND HARDWARE ISOLATION

15 Trusted Computing
- Trusted Platform Module (TPM)
- Platform Configuration Registers
- Virtual TPM
- Trusted Boot
- Dynamic Root of Trust
- BitLocker
- Windows 8 Secure Boot

16 CRYPTOGRAPHY

17 Cryptography
- Symmetric and Asymmetric
  - encryption and decryption
- Message Authentication Codes
- Cryptographic hashes
- Digital signatures
- Understand what primitives are important for a given scenario.

18 Cryptography
- Integrity, authenticity, authorization, privacy.
- Cryptographic hardness
  - What is it? Where does it come from?
- Certificates and certificate authorities
- RSA algorithm

19 WEB SECURITY

20 Know your threats!
- Web attacker
  - Controls a malicious site, which we may call "attacker.com"
  - Can obtain SSL/TLS certificate for attacker.com
  - User visits attacker.com
  - Or: runs attacker's Facebook app, site with attack ad, …
- Network attacker
  - Passive: Wireless eavesdropper
  - Active: Evil router, DNS poisoning
- Malware attacker
  - Attacker escapes browser isolation mechanisms and runs separately under control of the OS

21 Browser Operation
- Understand the basics of how the browser works
  - Protocols, rendering, frames, etc.
- Inter-domain communication
- Browser isolation policies
- Same Origin Policy

22 Web Session Management
- How are sessions represented?
- Cookies store session tokens
- Unpredictability, randomness

23 Web Application Security
- Know your injections
  - Command: Executing system code
  - SQL: Executing database queries
  - XSS: Executing scripts in a browser as another web site
- Note: No CSRF

