SUMMARY AND REVIEW

We will discuss the course. So, please interact:
- Offer opinions
- Give feedback
- Ask questions

If you are watching on video, I also welcome feedback by email, Webcourses, or phone.

THE BIG PICTURE

Why is software security important?
- There could be a massive loss if there is a break-in
- But businesses treat it as a financial burden

Does the real world have complete security?
- No, not really
- But it's less anonymous

WHAT WE STUDIED

Context:
- Real-world security bugs

Defense techniques:
- Threat modeling
- Static analysis:
  - Program analysis
  - Symbolic execution
  - Information flow security
- Dynamic analysis:
  - Fuzzing
- Dynamic and static analysis combined:
  - Concolic execution
  - Taint analysis

Supply chain attacks:
- Software supply chain security

Experimental evaluation of tools

Memory attacks:
- Smashing the stack attacks
- Defenses:
  - Baggy bounds checking
  - W xor X (W^X) page permissions
  - ASLR
  - Reference monitors (CFI, XFI)

Web attacks:
- XSS
- CSRF (aka XSRF)

Injection attacks:
- SQL injection and similar kinds of attacks
- XSS
- Defenses:
  - Allow lists
  - Output encoding
  - Taint tracking
  - CSP
  - Concolic execution (Ardilla)

Semantic/logic bugs (shop for free):
- Attacks
- Defenses:
  - Formal methods (Alloy Analyzer)

CLASS OBJECTIVES

Main objective: you can supervise the security of an enterprise's software systems.
- [Strategize] Plan a strategy to assure software security
- [Design] Design a set of mitigations to the likely and important threats
- [Implement] Implement a tool to support a secure development process
- [Evaluate] Evaluate the adequacy of a threat model and its mitigations