Esisar rubrique Formation 2022

Hardware and Software Security Analysis for Operating Systems - 4AMOS430

  • Number of hours

    • Lectures 15.0
    • Projects -
    • Tutorials -
    • Internship -
    • Laboratory works 12.0
    • Written tests -

    ECTS

    ECTS 2.0

Goal(s)

Studying Hardware and software vulnerabilities, attacks and protections.

Responsible(s)

Quentin GIORGI

Content(s)

  • prerequisite:
    • rings
    • MPU,MMU
    • SMP, NUMA architectures.
    • DMA
    • process memory layout (shared libraries, etc.))
    • system calls
    • Binary formats (ELF, PE/COFF, etc..)
  • Hardware attacks (DMA attack, USB HID spoofers);
  • Software attacks and vulnerability exploitations (Buffer overflow (heap/stack), return oriented programming, retintolibc, etc..);
  • Hardware protection (trustzone, MPU,CFI,IO-MMU, shadow stack)
  • Software protection (W^X, canary, ASLR, seccomp, Selinux, apparmor, ..)

Labs

  • Software vulnerability exploitation
  • Hardware protection mecanism: (MPU, Trustzone…)

Prerequisites

Operating Systems
Computer architecture

Calendar

The course exists in the following branches:

see the course schedule for 2022-2023

Additional Information

Course ID : 4AMOS430
Course language(s): FR

The course is attached to the following structures:

You can find this course among all other courses.

Bibliography

  • Linux Kernel Development – Robert Love
  • Tool Interface Standard – ELF specifications
  • Learning Linux Binary Analysis - Ryan O'Neill
  • Maene, P., Gotzfried, J., de Clercq, R., Muller, T., Freiling, F., & Verbauwhede, I. (2017). Hardware-Based Trusted Computing Architectures for Isolation and Attestation. IEEE Transactions on Computers.
  • J. Jang; C. Choi; J. Lee; N. Kwak; S. Lee; Y. Choi; B. Kang, "PrivateZone: Providing a Private Execution Environment using ARM TrustZone," in IEEE Transactions on Dependable and Secure Computing , vol.PP, no.99, pp.1-1 doi: 10.1109/TDSC.2016.2622261