1 Introduction Problem Definition Existing Methods Motivation and Contribution 2 Isotropic Hashing Model Learning Experimental Results 3 Multiple-Bit Quantization Double-Bit Quantization Manhattan Quantization 4 Conclusion 5 Reference

Background Control Flow Hijack Control Flow Hijack Defense Canary Defense StackGuard StackGuard Weakness DiffGuard Polymorphic Canary Data Execution Prevention Definition DEP Scorecard Return-to-libc Attack ASLR ASLR Randomization ASLR

Buffer Overflow:The Essentials Vulnerability Metrics What are Buffer Overflow? Basic Example Shellcode Definition Basic Example Shell-Spawning Shellcode A Real World Buffer Overflow Attack Key Point A vulnerability in Easy RM to MP3 Conversion How to hack the vulnerable program Integer Overflow Overview A Real World Example Common Patterns in Integer Overflow Heap Overflow What is the Heap? An Abstract Example

Software Security Course Overview Description Goal Text Books Course Schedule Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits

 9.1 基本概念  9.2 网检和机检  9.3 特征检测  9.4 统计分析  9.5 行为推理  9.6 诱饵系统

 8.1 病毒  8.2 蠕虫  8.3 病毒防御  8.4 特洛伊木马  8.5 网络骗局  8.6 点对点安全  8.7 Web安全  8.8 分布式拒绝服务攻击

 7.1 一般框架  7.2 分组过滤  7.3 电路网关  7.4 应用网关  7.5可信系统和堡垒主机  7.6 防火墙配置  7.7网络地址转换  7.8 配置防火墙

 6.1 无线通信和802.11无线局域网标准  6.2 有线等价隐私协议  6.3 Wi-Fi 访问保护协议  6.4 IEEE 802.11i/WPA2  6.5 蓝牙安全机制  6.6 无线网状网的安全性

 5.1 密码算法在网络各层中的部署  5.2 公钥密码基础设施  5.3 IPSec协议: 网络层的安全协议  5.4 SSL/TLS协议: 传输层的安全协议  5.5 PGP and S/MIME: 电子邮件安全协议  5.6 Kerberos: 认证协议  5.7 SSH: 远程登录安全协议

 3.1 公钥密码体系的定义  3.2 数论的基本概念和定理  3.3 Diffie-Hellman密钥交换  3.4 RSA 密码体系  3.5 椭圆曲线密码体系  3.6 密钥分配与管理