Supplemental readings and links:

Required:
http://www.pl-enthusiast.net/2014/07/21/memory-safety/
http://www.pl-enthusiast.net/2014/08/05/type-safety/

Supplemental readings and links:

Attacks and modern defenses, generally
http://cseweb.ucsd.edu/~hovav/papers/sppgmb04.html
http://paulmakowski.wordpress.com/2011/01/25/smashing-the-stack-in-2011/
https://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=Low-Level+Software+Security+by+Example+Erlingsson+Younan+Piessens&gws_rd=ssl

Return-oriented Programming (ROP)
https://cseweb.ucsd.edu/~hovav/dist/geometry.pdf
https://www.usenix.org/legacy/event/sec11/tech/full_papers/Schwartz.pdf
http://www.scs.stanford.edu/brop/

Control-flow integrity (CFI)
http://www.scs.stanford.edu/brop/
http://research.microsoft.com/pubs/64250/ccs05.pdf

Secure coding
https://www.securecoding.cert.org/confluence/display/seccode/CERT+C+Coding+Standard
http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/internals.html


Enjoy! Follow us for more...

No comments:

Post a Comment

What is Prototype content functions in JavaScript Framework Programming.mp4

  Download now Enjoy! Follow us for more...