南京大学：《软件安全 Software Security》课程教学资源（PPT课件讲稿）Byzantine Generals Problem

南京大学：《软件安全 Software Security》课程教学资源（PPT课件讲稿）Use-after-free

• Pin Tool ➢ Introduction ➢ Instrumentation granularity ➢ Trace instrumentation ➢ Example ➢ Other important features • Dynamic Taint Analysis ➢ Introduction ➢ Classify of taint analysis ➢ Taint procedure ➢ Taint analysis for security

I. Program Analysis II. Data Flow Analysis ✓ Available Expressions ✓ Liveness Analysis ✓ Reaching Definitions ✓ Very Busy Expressions III.Theory Behind IV. Sensitivity V. Summary

南京大学：《软件安全 Software Security》课程教学资源（PPT课件讲稿）Return-Orinted Programming（ROP Attack）

• Threat Model • Control Flow Graph • Control Flow Integrity basic implementation – Build CFG – Instrumentation – Evaluation – Security and Adversary • Binary-CFI(CCFIR) – Introduce – Implementation – Context-Sensitive CFI

南京大学：《软件安全 Software Security》课程教学资源（PPT课件讲稿）Redundant dynamic Canary

Background Control Flow Hijack Control Flow Hijack Defense Canary Defense StackGuard StackGuard Weakness DiffGuard Polymorphic Canary Data Execution Prevention Definition DEP Scorecard Return-to-libc Attack ASLR ASLR Randomization ASLR

Software Security Course Overview Description Goal Text Books Course Schedule Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits

一、 PKI的组件 二、PKI信任框架 三、 认证标准与认证过程 四、 PMI介绍