IT Security

Introduction

In this course, groups of three or four will study problems of IT security (attacks on computers and computer networks) in depth, working from a suitable source text:

  • Every seminar participant is to understand the attack.
  • One group member is to present the attack to all seminar participants in a seminar talk.
  • Another group member is to design an experiment (producing an experiment description) that lets the other seminar participants work through and understand the problem.
  • The third group member is to support the other seminar participants in carrying out the experiment and to evaluate the experiment.

Organization

Registration

Registration is required to take part in the course; the first registration deadline expires on Friday, 7 August 2009, at 12:00 noon. Register by e-mail to wilke-its@ti.informatik.uni-kiel.de, giving the following details: last name, first name, student ID number (Matrikelnummer), preferred topics, desired group composition.

The registration deadline has passed. Owing to the high level of interest, no further registrations can unfortunately be accepted.

Dates and Deadlines

The course takes place as a block course on 7, 8 and, if necessary, 9 January 2010 (Thursday, Friday and Saturday).

All written work must be sent to wilke-its@ti.informatik.uni-kiel.de by 31 December 2009.

Topics

The references given are to be understood as "starting literature"; further sources must be found as needed.

B1. Buffer Overflow Attacks – Stacks

[Gerg2005], [One2006]

Not assigned to students who have already encountered buffer overflow attacks in the lecture Systemorientierte Informatik II.

B2. Buffer Overflow Attacks – heaps, function pointers, off-by-one exploits

[ConoverW1999], [PincusB2004], [ChienS2002]

B3. Buffer Overflow Attacks – format strings

[PincusB2004], [ChienS2002], [ScutT2001]

B4. Non-Control Data Attacks

[ChenXSGI2005]

F. Attacks on Adobe Flash Player

[Dowd2008]

S. SQL Injection Attacks

[Anley2002]

X1. Cross Site Scripting Attacks – persistent and non-persistent

[Klein2002]

X2. Cross Site Scripting Attacks – DOM based

[Klein2005]

X3. Cross Site Request Forgery

[BarthJM2008]

I1. Attacks on the Internet protocols (further details to follow)

I2. Attacks on the Internet protocols (further details to follow)

References

2008

[Dowd2008 | .bib]

M. Dowd, "Application-Specific Attacks: Leveraging the ActionScript Virtual Machine," IBM Global Technology Services, 2008.

@techreport{Dowd2008,
  author = {Dowd, Mark},
  title = {Application-Specific Attacks: Leveraging the ActionScript Virtual Machine},
  institution = {IBM Global Technology Services},
  year = 2008,
  file = {/home/wilke/lit/Dowd-2008.pdf},
  }

[BarthJM2008 | .bib]

A. Barth, C. Jackson, and J. C. Mitchell, "Robust defenses for cross-site request forgery," in CCS '08: Proceedings of the 15th ACM conference on Computer and communications security, New York, NY, USA, 2008, pp. 75-88.

@inproceedings{BarthJM2008,
  author = {Barth, Adam and Jackson, Collin and Mitchell, John C.},
  title = {Robust defenses for cross-site request forgery},
  booktitle = {CCS '08: Proceedings of the 15th ACM conference on Computer and communications security},
  pages = {75--88},
  year = {2008},
  address = {New York, NY, USA},
  publisher = {ACM},
  doi = {http://doi.acm.org/10.1145/1455770.1455782},
  isbn = {978-1-59593-810-7},
  location = {Alexandria, Virginia, USA}
}

2005

[Gerg2005 | .bib]

I. Gerg, "An Overview and Example of the Buffer-Overflow Exploit," IAnewsletter, vol. 7, iss. 4, pp. 16-21, 2005.

@article{Gerg2005,
  author = {Gerg, Isaac},
  title = {An Overview and Example of the Buffer-Overflow Exploit},
  journal = {IAnewsletter},
  year = 2005,
  volume = {7},
  number = 4,
  pages = {16-21},
  file = {/home/wilke/lit/Gerg-2005.pdf},
  }

[ChenXSGI2005 | .bib]

S. Chen, J. Xu, E. C. Sezer, P. Gauriar, and R. K. Iyer, "Non-control-data attacks are realistic threats," in SSYM’05: Proceedings of the 14th conference on USENIX Security Symposium, Berkeley, CA, USA, 2005, pp. 12-12.

@inproceedings{ChenXSGI2005,
  author = {Chen, Shuo and Xu, Jun and Sezer, Emre C. and Gauriar, Prachi and Iyer, Ravishankar K.},
  title = {Non-control-data attacks are realistic threats},
  booktitle = {SSYM'05: Proceedings of the 14th conference on USENIX Security Symposium},
  pages = {12--12},
  year = 2005,
  address = {Berkeley, CA, USA},
  publisher = {USENIX Association},
  file = {/home/wilke/lit/ChenXSGI-2005.pdf},
  location = {Baltimore, MD}
}

[Klein2005 | .bib]

A. Klein, DOM Based Cross Site Scripting or XSS of the Third Kind: A look at an overlooked flavor of XSS, 2005.

@misc{Klein2005,
  author = {Klein, Amit},
  title = {DOM Based Cross Site Scripting or XSS of the Third Kind: A look at an overlooked flavor of XSS},
  year = 2005,
  file = {/home/wilke/lit/Klein-2005.pdf},
  # url = {http://www.webappsec.org/projects/articles/071105.shtml},
  }

2004

[PincusB2004 | .bib]

J. Pincus and B. Baker, "Beyond stack smashing: recent advances in exploiting buffer overruns," Security & Privacy, IEEE, vol. 2, iss. 4, pp. 20-27, 2004.

@article{PincusB2004,
  author = {Pincus, Jonathan and Baker, Brandon},
  title = {Beyond stack smashing: recent advances in exploiting buffer overruns},
  journal = {Security \& Privacy, IEEE},
  year = 2004,
  volume = {2},
  number = 4,
  pages = {20-27},
  month = {July-Aug.},
  keywords = {computer crime, storage management CERT advisories, arc injection, buffer overruns, exploits, heap smashing, high-profile worms, malicious crackers, pointer subterfuge, security vulnerabilities, stack smashing},
  file = {/home/wilke/lit/PincusB2004.pdf},
  doi = {10.1109/MSP.2004.36},
  issn = {1540-7993}
}

2003

[One2006 | .bib]

A. One, "Smashing the Stack for Fun and Profit," Phrack, vol. 7, iss. 49, 2003.

@article{One2006,
  author = {One, Aleph},
  title = {Smashing the Stack for Fun and Profit},
  journal = {Phrack},
  year = 2003,
  volume = {7},
  number = 49,
  file = {/home/wilke/lit/One-2006.pdf},
  }

2002

[Anley2002 | .bib]

C. Anley, "Advanced SQL Injection in SQL Server Applications," NGSSoftware Insight Security Research (NISR), 2002.

@techreport{Anley2002,
  author = {Anley, Chris},
  title = {Advanced SQL Injection in SQL Server Applications},
  institution = {NGSSoftware Insight Security Research (NISR)},
  year = 2002,
  file = {/home/wilke/lit/Anley-2002.pdf},
  }

[ChienS2002 | .bib]

E. Chien and P. Ször, "Blended Attacks Exploits, Vulnerabilities and Buffer-Overflow Techniques in Computer Viruses," in Virus Bulletin Conference, 2002, pp. 1-36.

@inproceedings{ChienS2002,
  author = {Eric Chien and Péter Ször},
  title = {Blended Attacks Exploits, Vulnerabilities and Buffer-Overflow Techniques in Computer Viruses},
  booktitle = {Virus Bulletin Conference},
  pages = {1-36},
  year = 2002,
  file = {/home/wilke/lit/ChienS-2002.pdf},
  }

[Klein2002 | .bib]

A. Klein, "Cross Site Scripting Explained," Sanctum Inc., 2002.

@techreport{Klein2002,
  author = {Klein, Amit},
  title = {Cross Site Scripting Explained},
  institution = {Sanctum Inc.},
  year = 2002,
  file = {/home/wilke/lit/Klein-2002.pdf},
  }

2001

[ScutT2001 | .bib]

scut and TESO Security Group, Exploiting Format String Vulnerabilities, 2001.

@misc{ScutT2001,
  author = {scut and {TESO Security Group}},
  title = {Exploiting Format String Vulnerabilities},
  year = 2001,
  file = {/home/wilke/lit/ScutT-2001.pdf},
  # url = {http://crypto.stanford.edu/cs155old/cs155-spring08/papers/formatstring-1.2.pdf},
  }

1999

[ConoverW1999 | .bib]

M. Conover and w00w00 Security Team, W00w00 on Heap Overflows, 1999.

@misc{ConoverW1999,
  author = {Conover, Matt and {w00w00 Security Team}},
  title = {w00w00 on Heap Overflows},
  year = 1999,
  file = {/home/wilke/lit/ConoverW-1999.pdf},
  # url = {http://www.w00w00.org/files/articles/heaptut.txt},
  }