SIL765: Network & System Security : Readings


Secure system design

Buffer Overflows, Integer Overflows, formatstring vulnerabilties, other libc bugs [PDF]

Access Control and Protection [PDF]

Defenses against well-known attacks (buffer overflows, etc.) [PDF]

Heap Spraying / Stack Spraying Attacks [PDF]

Testing for security via fuzzing

Tools for writing robust application code

Dealing with bad (legacy) application code: sandboxing and isolation [PDF]


Data Lifetime

OS abstractions for Browsers

Use of cryptography in computer security [PDF]

Security problems in network protocols: TCP, DNS, SMTP, and routing [PDF]

Network defense tools: Firewalls, VPNs, Intrusion Detection, and filters [PDF]

Malware: Computer viruses, spyware, and key-loggers [PDF]

Bot-nets: Attacks and Defenses [PDF]

Unwanted Traffic: Denial-of-Service attacks and Spam email [PDF]

Network security testing [PDF]

Social Network Security

Mobile Networks


Basic web security model [PDF]

User authentication and session management [PDF, PDF]

Web site security [PDF]

Digital Rights Management [PDF]