Presentation is loading. Please wait.

Presentation is loading. Please wait.

Software Security Lecture 9 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.

Published byDamian Manning Modified over 9 years ago

Similar presentations

Presentation on theme: "Software Security Lecture 9 Fang Yu Dept. of MIS, National Chengchi University Spring 2011."— Presentation transcript:

1 Software Security Lecture 9 Fang Yu Dept. of MIS, National Chengchi University Spring 2011

2 Project Proposal Due  Your project proposal (two pages) is due today.  Anthony Cimo, Alexis Kirat, Kuan-Ming Chen and I-Yang Dong  Juilette Maxime Lessing, Hsing Huang and Chen-Yi Yang  Jorina van Malsen, Eric Huang and Ruei- Chen Dai  Adam Fremd, Vincent Liou and Ruei-Jiun Liang

3 Outline  Today, we will have Steven presenting Attacking Application Architecture (Chapter 16), I-Yang presenting Attacking Web Server (Chapter 17)  We will also have Ruei-Jiun lead the discussion on the paper: A Symbolic Execution Framework for Java Script, S&P 2010 (UC Berkely). You can find the slides here: http://www.cs.berkeley.edu/~prateeks/paper s/kudzu.ppt

4 Next Week  We will have Chen Yi presenting the last book chapter: Detect Vulnerabilities in Source Code (Chapter 18)  We will also have two paper presentations:  Kuan-Ming leads the discussion: Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code. (Security lab@UCSB) You can find the tool Wepawet here. http://wepawet.iseclab.org/http://wepawet.iseclab.org/  Eric leads the discussion on: Toward Automated Detection of Logic Vulnerabilities in Web Applications. (Security lab@UCSB)

Download ppt "Software Security Lecture 9 Fang Yu Dept. of MIS, National Chengchi University Spring 2011."

Similar presentations

Modern Web Application Frameworks CSE 591 – Security and Vulnerability Analysis Spring 2015 Adam Doupé Arizona State University

Modern Web Application Frameworks CSE 591 – Security and Vulnerability Analysis Spring 2015 Adam Doupé Arizona State University
Day 4-1-1 anti-virus 3-3-1.anti-virus 1 detecting a malicious file malware, detection, hiding, removing.

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.
Software Security Lecture 4 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.

Software Security Lecture 4 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.
Software Security Lecture 11 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.

Software Security Lecture 11 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.
Automating Bespoke Attack Ruei-Jiun Chapter 13. Outline Uses of bespoke automation ◦ Enumerating identifiers ◦ Harvesting data ◦ Web application fuzzing.

Automating Bespoke Attack Ruei-Jiun Chapter 13. Outline Uses of bespoke automation ◦ Enumerating identifiers ◦ Harvesting data ◦ Web application fuzzing.
CIS101 Introduction to Computing Week 11 Spring 2004.

CIS101 Introduction to Computing Week 11 Spring 2004.
Software Security Lecture 12 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.

Software Security Lecture 12 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.
Software Security Lecture 8 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.

Software Security Lecture 8 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.
Software Security Lecture 10 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.

Software Security Lecture 10 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.
Software Security Lecture 0 Fang Yu Dept. of MIS National Chengchi University Spring 2011.

Software Security Lecture 0 Fang Yu Dept. of MIS National Chengchi University Spring 2011.
Software Security Lecture 6 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.

Software Security Lecture 6 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.
SOFTWARE SECURITY JORINA VAN MALSEN 1 FLAX: Systematic Discovery of Client-Side Validation Vulnerabilities in Rich Web Applications.

SOFTWARE SECURITY JORINA VAN MALSEN 1 FLAX: Systematic Discovery of Client-Side Validation Vulnerabilities in Rich Web Applications.
Software Security Lecture 5 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.

Software Security Lecture 5 Fang Yu Dept. of MIS, National Chengchi University Spring 2011.
IS6112 Application Modelling and Design Introduction.

IS6112 Application Modelling and Design Introduction.
ACTIVE X By Ethan Huang. OUTLINE What is ActiveX? Component of ActiveX Why ActiveX? ActiveX and Java Security Issue.

ACTIVE X By Ethan Huang. OUTLINE What is ActiveX? Component of ActiveX Why ActiveX? ActiveX and Java Security Issue.
A problem in IMS Learning Design To promote interoperability, few services Local tool frameworks like LAMS have much richer tool environment –Easy provisioning.

A problem in IMS Learning Design To promote interoperability, few services Local tool frameworks like LAMS have much richer tool environment –Easy provisioning.
SWE 444: Internet & Web Application Development0.1 SWE 444 Internet and Web Application Development Dr. Abdallah Al-Sukairi and Dr. Sahalu Junaidu

SWE 444: Internet & Web Application Development0.1 SWE 444 Internet and Web Application Development Dr. Abdallah Al-Sukairi and Dr. Sahalu Junaidu
Advance Security term paper Proposal Wei Huang Spring 2005.

Advance Security term paper Proposal Wei Huang Spring 2005.
Multiple Tiers in Action

Multiple Tiers in Action
Apache Tomcat Server Typical html Request/Response cycle

Apache Tomcat Server Typical html Request/Response cycle

Similar presentations

Ads by Google