This course is designed to provide students with good understanding of the theories, principles, techniques and tools used for software and system hacking and hardening. Students will study, in-depth, binary reverse engineering, vulnerability classes, vulnerability analysis, exploit/shellcode development, defensive solutions, etc. to understand how to crack and protect native software. In particular, this class covers offensive techniques including stack-based buffer overflow, heap-based buffer overflow, format string vulnerability, return-oriented programming, etc. This class also covers defensive techniques including canary, shadow stack, address space layout randomization, etc. A key part of studying security is putting skills to the test in practice. Hacking challenges known as Capture The Flag (CTF) competitions are a great way to do this. In this class the progress of students are evaluated by lab assignment and in-class Capture-The-Flag (CTF) competitions. The course can be used to satisfy the MS project requirement.
Downloads: Course Syllabus
Downloads: Virtual Machine
|Week-1 8/31||Overview and Background Knowledge Slides Code HW1 Video UB Cloud YouTube Youku|
|Week-2 9/7||Stack-based Buffer Overflow 1 Slides Code HW2 Video UB Cloud YouTube Youku|
|Week-3 9/14||Stack-based Buffer Overflow 2 Slides Code HW3 Video UB Cloud YouTube Youku|
|Week-4 9/21||Stack-based Buffer Overflow 3 & Defenses 1 Slides Code HW4 Video UB Cloud YouTube Youku||
|Week-5 9/28||Defenses 2 Slides HW5 Video UB Cloud YouTube Youku|