Computer Security: A Hands-On Approach

Attacks and defense: buffer overflow, race condition, dirty COW, meltdown and spectre , shellshock, format string

What you'll learn

How to exploit software vulnerabilities, and launch attacks

How to defend against various attacks and how to write secure code

Practical skills in cybersecurity

The fundamental problems of various software vulnerabilities

Requirements

Have basic programming background.

Understand basic operating system concepts, such as users, process, memory, etc.

Description

This course focuses on a variety of attacks on computer systems. Some of them are classical attacks, and some are quite new, such as the recently discovered Dirty COW, Meltdown, and Spectre attacks. The course emphasizes hands-on learning. For each attack covered, students not only learn how the attack work in theory, they also learn how to actually conduct the attack, in a contained virtual machine environment. The hands-on exercises developed by the instructor are called SEED labs, and they are being used by over 1000 institutes worldwide. The course is based on the textbook written by the instructor. The book, titled "Computer & Internet Security: A Hands-on Approach, 2nd Edition", has been adopted by over 120 universities and colleges worldwide.

Overview

Section 1: Lab Setup and Linux Security Basics

Lecture 1 Introduction

Lecture 2 Set Up the Lab Environment

Lecture 3 Textbook

Lecture 4 Linux Users and Groups

Lecture 5 Access Control and Permissions

Lecture 6 Running Commands as Superuser

Lecture 7 Summary

Section 2: Set-UID Privileged Programs

Lecture 8 Introduction

Lecture 9 The Need for Privileged Programs

Lecture 10 The Set-UID Mechanism

Lecture 11 What Can Go Wrong?

Lecture 12 Attacks via Environment Variables

Lecture 13 Attacks via Explicit User Inputs

Lecture 14 Capability Leaking

Lecture 15 Security Analysis and Summary

Lecture 16 Lab Exercise

Section 3: Shellshock Attack

Lecture 17 Introduction

Lecture 18 Shellshock Vulnerability

Lecture 19 Exploit the Vulnerability

Lecture 20 Reverse Shell

Lecture 21 Launch the Reverse Shell Attack & Summary

Lecture 22 Lab Exercise

Section 4: Buffer-Overflow Attacks

Lecture 23 Introduction

Lecture 24 Memory Layout

Lecture 25 Stack Layout

Lecture 26 Buffer Overflow Vulnerability

Lecture 27 Experiment Environment Setup

Lecture 28 Launching Buffer Overflow Attacks

Lecture 29 Exercises

Lecture 30 Writing Shellcode

Lecture 31 Countermeasures Overview

Lecture 32 Developer's Approach

Lecture 33 Address Space Layout Randomization

Lecture 34 Shell Program's Defense

Lecture 35 Non-Executable Stacks

Lecture 36 Compiler's Approach: StackGuard

Lecture 37 Heap-Based Buffer Overflow

Lecture 38 Summary

Lecture 39 Lab Exercise

Section 5: Return-to-Libc Attacks

Lecture 40 Introduction

Lecture 41 Non-Executable Stacks

Lecture 42 Overcome the Challenges

Lecture 43 The Return-to-libc Attack

Lecture 44 Return Oriented Programming

Lecture 45 Chaining Function Calls w/o Arguments

Lecture 46 Chaining Function Calls with Arguments

Lecture 47 Chaining Function Calls from Library

Lecture 48 The Final Attack

Lecture 49 Lab Exercise

Section 6: Race Condition

Lecture 50 Introduction

Lecture 51 Race Condition Vulnerability

Lecture 52 Attack

Lecture 53 Improved Attack

Lecture 54 Countermeasures

Lecture 55 Principle of Least Privilege

Lecture 56 Lab Exercise

Section 7: Dirty COW Attack

Lecture 57 Introduction and Background

Lecture 58 Background

Lecture 59 Memory Mapping

Lecture 60 Mapping Read-Only Files

Lecture 61 The Dirty COW Vulnerability

Lecture 62 Launch the Attack & Summary

Lecture 63 Lab Exercise

Section 8: Meltdown and Spectre Attacks

Lecture 64 Introduction

Lecture 65 Side Channels

Lecture 66 Use CPU Cache as Side Channel

Lecture 67 "Secret Room and Guards"

Lecture 68 Out Of Order Execution in Meltdown Attack

Lecture 69 Launch the Meltdown Attack

Lecture 70 Speculative Execution in Spectre Attack

Lecture 71 Launch the Spectre Attack

Lecture 72 Summary

Lecture 73 Lab Exercises

Section 9: Format String Vulnerability and Attack

Lecture 74 Introduction

Lecture 75 How Format String Works

Lecture 76 Format Stings with Missing Arguments

Lecture 77 Read from Memory Using Vulnerabilities

Lecture 78 Write to Memory

Lecture 79 Write to Memory Faster

Lecture 80 Code Injection

Lecture 81 Remote Code Injection

Lecture 82 Countermeasures

Lecture 83 Summary

Lecture 84 Lab Exercise

Students who are interested in learning both theory and hands-on skills in cybersecurity,Software developers who are interested in improving the security of their programs,Graduate and upper-division undergraduate students in computer science, computer engineering, and IT-related fields