Software is everywhere and many developers aren't aware of how to properly write secure code. We will cover practical skills in reverse engineering and binary exploitation and delve into the techniques used by adversaries for some of the largest security incidents of the century. With a strong understanding of attack patterns, students will be able to implement more secure coding practices into their own code and defend against these attacks. This course will start by covering Intel-based assembly, reverse engineering, vulnerability analysis, and various forms of Linux-focused binary exploitation. Throughout this course, we will cover stack, heap, and Linux kernel-based exploitation and dive into common defensive mitigations such as ASLR, NX, and Stack Cookies alongside techniques to bypass each of them. This course will be focused on low-level software written in C, which is why an understanding of the topics covered in CS230 is assumed (and required for undergraduates). This couse counts as a CS Elective for the CS Major.
LEC 01: Open to junior and senior COMPSCI, INFORM, and CS-ENG students who received a grade of C or better in COMPSCI 230 or E&C-ENG 322.
MEETS WITH COMPSCI 367 (PREVIOUSLY 390R) BEGINNING SPRING 2025.
LEC 02: MS-CMPSCI students only. MEETS WITH COMPSCI 367 (PREVIOUSLY 390R) BEGINNING SPRING 2025.