XeLabs/cs-self-learning
2
0
Fork 0
mirror of https://github.com/PKUFlyingPig/cs-self-learning.git synced 2026-06-25 02:46:57 +08:00
Code Issues Projects Releases Packages Wiki Activity
cs-self-learning/docs/系统安全/MIT6.858.md
zhongyinmin 498760732f fix some typo
2021-12-15 14:01:25 +08:00

24 lines
1.5 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

## 课程简介
- 所属大学MIT
- 先修要求:计算机体系结构,对计算机系统有初步了解
- 编程语言C, Python
- 课程难度:🌟🌟🌟🌟🌟
- 预计学时150小时
MIT的计算机系统安全课程实验环境是一个Web Application Zoobar. 学生学习攻防技术并应用于该Web Application.
- Lab 1: you will explore the zoobar web application, and use buffer overflow attacks to break its security properties.
- Lab 2: you will improve the zoobar web application by using privilege separation, so that if one component is compromised, the adversary doesn't get control over the whole web application.
- Lab 3: you will build a program analysis tool based on symbolic execution to find bugs in Python code such as the zoobar web application.
- Lab 4: you will improve the zoobar application against browser attacks.
这个课我主要是做了lab3。lab3是通过混合符号执行来遍历程序的所有分支理解了符号执行的思想后lab并不难做。这个lab直观展示符号执行这种技术的使用方法。
这个课的Final Project是实现[SecFS](https://github.com/mit-pdos/secfs-skeleton),一个远端文件系统,面对完全不可信的服务器,提供机密性和完整性。参考论文为[SUNDR](https://www.usenix.org/legacy/event/osdi04/tech/full_papers/li_j/li_j.pdf)
## 课程资源
- [课程网站](http://css.csail.mit.edu/6.858/2022/)
- 课程视频:参见课程网站
- 课程教材:无
- 课程作业4个lab + Final Project / Lab5
Reference in a new issue View git blame Copy permalink