Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword or section
Like this
2Activity

Table Of Contents

Approach to Software Security
Security Architecture
Example of a Security
Validating Security
Architecture
Threat modeling
Threat modeling process (1)
Threat modeling process (2)
What is Malware?
Uses of Malware
Typical purposes of Malware
Types of Malware
Antivirus programs
Viruses
Viruses (Cont¶d)
Viruses: Operation
Origin of the term
computer virus
The first computer viruses
Worms
Worms: Operation
Trojan horses
Trojan horses: Operation (1)
Trojan horses: Operation (2)
Backdoors
Backdoors: Operation
Mobile code
Mobile code (Cont¶d)
Mobile code: Operation
Adware
Adware: Operation (1)
Adware: Operation (2)
Sticky software
Future Malware
Information-stealing worms
Information-stealing
worms:Operation
Operations (2)
Polymorphic viruses
Decryption technique
Weaknesses
Metamorphic viruses
Metamorphic viruses:
Operation
Timeline of famous malware
(1982-1988) [wikipedia]
(1998-2000) [wikipedia]
(2001) [wikipedia]
(2003) [wikipedia]
(2004) [wikipedia]
(2005) [wikipedia]
Malware Growth by Year
Secure Coding
Software vulnerability
What is a buffer?
Buffer overflows
How does a buffer overflow
happen?
Two steps
Inject the code
Code already in program
Jump to attack code
Memory regions
Code/text segment
Data segment
Heap
Stack ±I
Stack ±II
When a procedure is called
Function pointer
Longjpm buffer
Example
Result of program
Example [6]
Example illustrated [6]
Buffer overflows defenses
Problems with C
Array bounds checking
Code pointer integrity
checking
StackGuard
Heap overflows
Output
Output after overflow
Auditing for software security
Security auditing problems
Improving the security audit
The FLF hypothesis
Front line functions
Discovering the FLF
measurement
How are these tools used?
Case Study: OpenSSH
Experimental Systems
GAST-MP & SGA
Finding inputs
Finding targets
FLF density
Verification
FLF finder
Research Challenges
Formal
Security Architectures
You now know «
Discussion «
Thank You «
0 of .
Results for:
No results containing your search query
P. 1
Security Testing

Security Testing

Ratings: (0)|Views: 2|Likes:
Published by Sukhmeet Khokhar

More info:

Published by: Sukhmeet Khokhar on Apr 24, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PPT, PDF, TXT or read online from Scribd
See more
See less

06/16/2012

pdf

text

original

You're Reading a Free Preview
Pages 4 to 37 are not shown in this preview.
You're Reading a Free Preview
Pages 41 to 69 are not shown in this preview.
You're Reading a Free Preview
Pages 73 to 119 are not shown in this preview.

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->