System Security
Topics on Advanced OS Course
General Principals
--------------------------
There is a trend that smart devices,
desktop computers, servers are evolving from close OS, fixed applications, and
no connectivity to open OS, flexible services and with connectivity. However,
the security for this domain is much weaker than traditional PC domain.
Therefore, it is necessary to add security education related to system security
in “Advanced OS” course for computer science major graduate students in Depart.
of CS, Tsinghua University.
Topics
Coursewares
--------------------------
Introduction History of softeare security. Confidentiality, integrity and
availability. Security and ethics.
buffer overflows and other memory safety bugs
integer overflows, format string bugs
3.
OS
Security
OS security model, security capabilities, security mechanism
Topics of Android
Security
XSS, XCRF, SQLI, etc
Labs
--------------------------
1.
Lab1:
Buffer Overflow attack
Summary of Papers
--------------------------
1.
KLEE: Unassisted and Automatic Generation of
High-Coverage Tests for Complex Systems Programs
2.
KINT: Improving Integer Security for Systems with KINT
3.
SymDrive: Testing Drivers without Devices
PROJECT LEADS
----------------------------
Shi Yuanchun, Tsinghua University
Yu Chen, Tsinghua University
SPONSORS
------------------------
Intel Corporation