Outline for May 29, 2003

  1. Security testing
    1. Property-based testing
  2. What is malicious logic?
  3. Trojan horses
    1. Propagating Trojan horses
  4. Computer viruses
    1. Boot sector infectors
    2. Executable infectors
    3. Multipartite infectors
    4. TSR viruses
    5. Stealth viruses
    6. Encrypted viruses
    7. Polymorphic viruses
    8. Macro viruses
  5. Computer worms
    1. Original work
    2. Internet worm
  6. Rabbits and Logic Bombs
  7. Countermeasures
    1. Separate data and instructions
    2. Limit protection domain: flow control, reduction of rights
      1. Karger's knowledge-based subsystem
      2. Sandboxing
    3. Limit sharing
    4. Detect alteration of files
    5. Specification-based behavior
      1. Proof-carrying code
    6. Statistical analysis

This is available in PostScript and PDF.