Extra Reading
We'll mention pertinent research papers, white papers, manifestos, and books throughout the course. These are optional, yet beneficial, readings.
Books
- Computer Security: Principles and Practice by William Stallings and Lawrie Brown.
- Handbook of Applied Cryptography by Menezes, van Oorschot, and Vanstone.
Blogs
Papers
- Writing safe programs:
  Matt Bishop's papers on robust programming and writing safe setuid programs
- Stack smashing:
  Smashing The Stack For Fun And Profit
- Double compilation:
  Ken Thompson's Turing Award Talk (1984) "Reflections on Trusting Trust", David Wheeler (2005) "Countering Trusting Trust through Diverse Double-Compiling".
- Preventing buffer overflow attacks with canaries:
  StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks (1998), C. Cowan, C. Pu, D. Maier, H. Hinton, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, and Q. Zhang.