CS 5435 - Fall 2022 Security and Privacy Concepts in the Wild

Materials

Passwords

Florêncio et al. An Administrator’s Guide to Internet Password Research

Web security

Jackson and Barth. Beware of Finer-Grained Origins.

Schwenk et al. Same-Origin Policy: Evaluation in Modern Browsers.

Barth et al. Robust Defenses for Cross-Site Request Forgery.

Abma. How To: Server-Side Request Forgery (SSRF).

Anley. Advanced SQL Injection In SQL Server Applications.

Klein. Cross Site Scripting Explained.

Weichselbaum et al. CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy.

Zalewski. Postcards from the Post-XSS World.

Stone. Next Generation Clickjacking: New Attacks Against Framed Web Pages.

Rydstedt et al. Busting Frame Busting: a Study of Clickjacking Vulnerabilities on Popular Sites.

Huang et al. Clickjacking: Attacks and Defenses.

Wang et al. How to Shop for Free Online: Security Analysis of Cashier-as-a-Service Based Web Stores.

Network protocols

Bernstein. SYN cookies.

daemon9 / route / infinity. IP Spoofing Demystified.

Moore et al. Inferring Internet Denial-of-Service Activity.

Kumar et al. Exploiting Underlying Structure for Detailed Reconstruction of an Internet-scale Event.

Kaminsky. It’s the End of the Cache as We Know It.

Bernstein. Breaking DNSSEC.

Attacks on SSL/TLS

Rizzo and Duong. CRIME.

Prado et al. BREACH.

Delignat-Lavaud. The BEAST Wins Again.

Delignat-Lavaud and Bhargavan. Network-based Origin Confusion Attacks against HTTPS Virtual Hosting.

Adrian. A Retrospective on the Use of Export Cryptography.

Vanhoef and Van Goethem. HEIST.

Memory attacks

Aleph One. Smashing the Stack for Fun and Profit.

Solar Designer. Getting around non-executable stack (and fix).

Roemer et al. Return-Oriented Programming: Systems, Languages, and Applications.

scut / team teso. Exploiting Format String Vulnerabilities.

blexim. Basic Integer Overflows.

Once Upon a free().

Michel “MaXX” Kaempf. Vudo - An object superstitiously believed to embody magical powers.

Winterborn. Exploiting CVE-2014-0282.

Sotirov. Heap Feng Shui in JavaScript.

Daniel et al. Engineering Heap Overflow Exploits with JavaScript.

Blazakis. Interpreter Exploitation.

Bittau et al. Hacking Blind.

Burow et al. Control-Flow Integrity: Precision, Security, and Performance.

Finding vulnerabilities

Aitel. The Hacker Strategy.

Miller. Real World Fuzzing.

Manès et al. The Art, Science, and Engineering of Fuzzing: A Survey.

Ashcraft and Engler. Using Programmer-Written Compiler Extensions to Catch Security Holes.

Confinement, isolation, and sandboxing

Garfinkel. Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools.

Watson. Exploiting Concurrency Vulnerabilities in System Call Wrappers.

Tan. Principles and Implementation Techniques of Software-Based Fault Isolation.

Microarchitectural attacks

Yarom and Falkner. FLUSH+RELOAD: a High Resolution, Low Noise, L3 Cache Side-Channel Attack.

Kocher et al. Spectre Attacks: Exploiting Speculative Execution.

Lipp et al. Meltdown: Reading Kernel Memory from User Space.

Weisse et al. Foreshadow-NG: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution.

Canella et al. Fallout: Leaking Data on Meltdown-resistant CPUs.

Schwarz et al. ZombieLoad: Cross-Privilege-Boundary Data Sampling.

Hacking games

Bursztein et al. OpenConflict: Preventing Real Time Map Hacks in Online Games.

Bursztein. I am a legend: Hacking Hearthstone with machine-learning.

Park et al. BlackMirror: Preventing Wallhacks in 3D Online FPS Games.

Hacking smart speakers and voice assistants

Carlini et al. Hidden Voice Commands.

Zhang et al. DolphinAttack: Inaudible Voice Commands.

Zhang et al. Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems.