XeLabs/cs-self-learning
2
0
Fork 0
mirror of https://github.com/PKUFlyingPig/cs-self-learning.git synced 2026-06-24 02:16:58 +08:00
Code Issues Projects Releases Packages Wiki Activity
cs-self-learning/docs/系统安全/MIT6.858.md
Yukiteru ab0582bdd0 format links in markdown 
This commit does the following things:

- Change `[Course Web](link)` to:
  - `Course Web: [title](link)`, or
  - `Course Web: <link>`
- Change `[This GitHub](link)` to `[user/repo](link)`

Signed-off-by: Yukiteru <wfly1998@sina.com>
2022-04-03 17:39:09 +08:00

27 lines
1.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# MIT 6.858: Computer System Security
## 课程简介
- 所属大学MIT
- 先修要求:计算机体系结构,对计算机系统有初步了解
- 编程语言C, Python
- 课程难度:🌟🌟🌟🌟🌟
- 预计学时150 小时
MIT 的计算机系统安全课程,实验环境是一个 Web Application Zoobar。学生学习攻防技术并应用于该 Web Application。
- Lab 1: you will explore the zoobar web application, and use buffer overflow attacks to break its security properties.
- Lab 2: you will improve the zoobar web application by using privilege separation, so that if one component is compromised, the adversary doesn't get control over the whole web application.
- Lab 3: you will build a program analysis tool based on symbolic execution to find bugs in Python code such as the zoobar web application.
- Lab 4: you will improve the zoobar application against browser attacks.
这个课我主要是做了 Lab 3。Lab 3 是通过混合符号执行来遍历程序的所有分支,理解了符号执行的思想后 Lab 并不难做。这个 Lab 直观展示符号执行这种技术的使用方法。
这个课的 Final Project 是实现 [SecFS](https://github.com/mit-pdos/secfs-skeleton),一个远端文件系统,面对完全不可信的服务器,提供机密性和完整性。参考论文为 [SUNDR](https://www.usenix.org/legacy/event/osdi04/tech/full_papers/li_j/li_j.pdf)。
## 课程资源
- 课程网站:<http://css.csail.mit.edu/6.858/2022/>
- 课程视频:参见课程网站
- 课程教材:无
- 课程作业4 个 Lab + Final Project / Lab5
Reference in a new issue View git blame Copy permalink