Network Security

CS 6262 - GaTech OMSCS · Course notes

DDoS Attacks

Taxonomy · Amplification · TCP Exploits · Mitigations · Traceback

Cybercrimes

Underground economy · Actors · Exploits-as-a-Service · Botnets · Spam · C&C · PharmaLeaks

Penetration Testing

Methodology · Footprinting · Scanning · Exploitation · Social Engineering

Browser Security Models

Same-Origin Policy · Frames · Cookies · CSP · Sandbox · Sessions · SRI

Web Session Management

Session Tokens · Storage · Logout · Hijacking · Fixation · Referer

HTTPS Playlist

SSL/TLS · Certificates · Lock Icon · HSTS · Forged Certs · Mixed Content

Security of Internet Protocols

TCP/IP · IP Authentication · ARP · BGP · Route Hijacking · S-BGP

Domain Name Systems Security

DNS Lookup · Caching · Cache Poisoning · Kaminsky · DNSSEC · Rebinding

Advanced Malware Analysis

Malware Prevalence · Obfuscation · Transparency · Ether · Emulator-Based

Mobile Malware

iOS · Android · XcodeGhost · Jekyll · Kirin · DREBIN · TaintDroid · Data Flow

Cloud Computing - VM Monitoring

NIST Framework · Security · Virtualization · Introspection · libVMI · SIM

Property-Preserving Encryption - Oblivious RAM

PPE · Equality · Order · lp-Optimization · Cumulative Attack · ORAM

Botnet Detection

C&C · BotHunter · BotMiner · DNS · Vertical/Horizontal Correlation

Internet Scale Threat Analysis: Scanning

ZMap · Scanning · Weak RSA Keys · Certificate Ecosystem

Domain & Network Reputation

DNSBL · NOTOS · Kopis · Passive DNS · Mobile Malware Prevalence

Machine Learning for Security

Anomaly · Misuse · Classification · Clustering · IDS · DARPA Evaluation

Data Poisoning & Model Evasion

Training-Time Poisoning · Evasion · Adversarial Examples · Defenses

Basics of Blockchain & Bitcoin

Hash Pointers · GoofyCoin · Scrooge · Decentralization · Proof of Work

New & Alternative Cryptocurrencies

Key Management · Hierarchical Wallets · Exchanges · Anonymity · CoinJoin · Timestamping · Overlay

Attack Tolerant Systems

Defense in Depth · Secret Sharing · Byzantine Fault Tolerance · Diversification · Moving Target

Foundations

CIA · Security Policy · Bell-LaPadula · Biba · RBAC · Access Control Matrix · Safety & Undecidability

Software Vulnerabilities

Buffer Overflow · Heap Overflow · Integer Overflow · Format String

Program Analysis

Static vs Dynamic · CFG · HIDS · Symbolic Execution · KLEE · S2E

Malware Analysis

Polymorphic · Metamorphic · Packers · Unpackers · Anti-Analysis · Behavioral Detection

Alert Correlation

IDS · Granger Causality · Bayesian Networks · Attack Scenario Analysis