TDDC90 Software Security (6 ECTS)
Literature - Additional
LAB 1: PONG
Here are some papers and other resources on manual code inspection. They are provided as a starting point for you; you are not required to read them all.
The following links to catalogs of vulnerability types may be helpful when trying to figure out what to look for in code reviews.
|CWE - Common Weakness Enumeration|
|CLASP Vulnerability view|
These are two reports on security reviews conducted on electronic voting machine software. These reviews used a combination of methods to arrive at the results.
The following classic paper on how to exploit stack-based buffer overflows may be helpful for the exploit part of the lab.
|Aleph One. Smashing The Stack For Fun and Profit. Phrack 49, 14. 1996.|
A paper on setuid (useful when fixing PONG).
|H. Chen, D. Wagner, D. Dean: Setuid Demystified (11th Usenix Security Symposium, 2002)|
Vulnerabilities, exploits and prevention
Secure software development and secure design
This list of resources is made available as-is. There may be little or no overlap with what is discussed in the course; however, it is a good starting point for those who want to dive deeper into some topics.
|P. Godefroid, M. Levin, D. Molnar. Automated Whitebox Fuzz Testing. Microsoft Research Technical Report MSR-TR-2007-58.|
Software engineering reviews
|1028-2008 - IEEE Standard for Software Reviews and Audits (section 6 only). Available via the LiU-library website.|
|Common Criteria: An Introduction|
Page responsible: Nahid Shahmehri
Last updated: 2014-11-07