南京大学：《网络安全与入侵检测 Network Security and Intrusion Detection》课程教学资源（课件讲稿）16 Bloom Filter for Network Security

南京大学：《网络安全与入侵检测 Network Security and Intrusion Detection》课程教学资源（课件讲稿）18 Web Security（SQL Injection and Cross-Site Request Forgery）

▪ 了解加密技术的发展及其相关知识 ▪ 掌握加密技术的原理 ➢最基本的加密算法 ➢对称加密算法原理 ➢非对称加密算法原理

Software Security Course Overview Description Goal Text Books Course Schedule Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits

Buffer Overflow:The Essentials Vulnerability Metrics What are Buffer Overflow? Basic Example Shellcode Definition Basic Example Shell-Spawning Shellcode A Real World Buffer Overflow Attack Key Point A vulnerability in Easy RM to MP3 Conversion How to hack the vulnerable program Integer Overflow Overview A Real World Example Common Patterns in Integer Overflow Heap Overflow What is the Heap? An Abstract Example

南京大学：《软件安全 Software Security》课程教学资源（PPT课件讲稿）Redundant dynamic Canary

◼ What Is a Format String ◼ Format Functions ◼ Ellipsis and va_args ◼ Summary ◼ Using Format Strings ◼ Format Tokens ◼ Types of Format Specifiers ◼ Summary ◼ Format String Vulnerability ◼ Abusing Format Strings ◼ Reading Memory ◼ Writing to Memory ◼ Summary ◼ Finding Format String Bugs ◼ FlawFinder

• Static Program Representation ➢ Control Flow Graph ➢ Program Dependence Graph ➢ Points-to Graph ➢ Call Graph • Control Flow Graph Extraction ➢ Source Code to CFG ➢ ELF/PE File to CFG • Applications ➢ Control Flow Integrity – Principles and Implementations(CFI) ➢ Practical Control Flow Integrity & Randomization for Binary Executables(CCFIR) • Summary

• Pin Tool ➢ Introduction ➢ Instrumentation granularity ➢ Trace instrumentation ➢ Example ➢ Other important features • Dynamic Taint Analysis ➢ Introduction ➢ Classify of taint analysis ➢ Taint procedure ➢ Taint analysis for security

南京大学：《软件安全 Software Security》课程教学资源（PPT课件讲稿）Byzantine Generals Problem