UB CSE 410/510 Software Security

Spring 2022; Monday, Wednesday 5:00 PM - 6:20 PM

General Information

Instructor

Dr. Ziming Zhao
E-mail: zimingzh@buffalo.edu
Homepage: https://zzm7000.github.io/
Spring 2022; Monday, Wednesday 5:00 PM - 6:20 PM; Obrian 109
Office hours will be online: Wednesday 3:30 PM - 4:30 PM or by appointment
You will need to log in to UB Zoom before you join the office hours at https://buffalo.zoom.us/j/95299258797?pwd=QlBhbjJIUlM5WmlETmFtOE5qT1Z5dz09
The lecture recordings will be posted online after each class.

Teaching Assistant

Md. Armanuzzaman Tomal
E-mail: mdarmanu@buffalo.edu
Office hours will be online: Friday 3:30 PM - 4:30 PM or by appointment
You will need to log in to UB Zoom before you join the office hours at https://buffalo.zoom.us/j/95299258797?pwd=QlBhbjJIUlM5WmlETmFtOE5qT1Z5dz09

Overview

This course is designed to provide students with a good understanding of the theories, principles, techniques and tools used for software and system hacking and hardening. Students will study, in depth, binary reverse engineering, vulnerability classes, vulnerability analysis, exploit and shellcode development, defensive solutions, etc. to understand how to crack and protect native software. In particular, this class covers offensive techniques including stack-based buffer overflow, heap security, format string vulnerability, return-oriented programming, etc. This class also covers defensive techniques including canary, shadow stack, address space layout randomization, control-flow integrity, etc. A key part of studying security is putting skills to the test in practice. Hacking challenges known as Capture The Flag (CTF) competitions are a great way to do this. In this class, students' progress is evaluated through lab assignments and in-class CTF competitions.

Downloads: Course Syllabus

Tentative Schedule

| Date | Topic | Notes |
|---|---|---|
| Week-1 Class-1 1/31 | Overview | Notes Video |
| Week-1 Class-2 2/2 | Background Knowledge | Notes Video HW |
| Week-2 Class-1 2/7 | Background Knowledge | Notes Video |
| Week-2 Class-2 2/9 | Buffer overflow | Notes Video HW |
| Week-3 Class-1 2/14 | Buffer overflow | Notes Video |
| Week-3 Class-2 2/16 | Buffer Overflow | Notes Video HW |
| Week-4 Class-1 2/21 | Buffer overflow | Notes Video |
| Week-4 Class-2 2/23 | Buffer Overflow | Notes Video HW |
| Week-5 Class-1 2/28 | Buffer overflow (Frame Pointer Attack) | Notes Video |
| Week-5 Class-2 3/2 | Buffer overflow (Defense) | Notes Video HW |
| Week-6 Class-1 3/7 | Buffer overflow (Shadow Stack, Canary) | Notes Video |
| Week-6 Class-2 3/9 | Buffer overflow (Bypass canary) | Notes Video HW |
| Week-7 Class-1 3/14 | *** Midterm Exam and CTF First Half*** | Midterm-1 |
| Week-7 Class-2 3/16 | *** Midterm Exam and CTF Second Half*** | Midterm-2 |
| Week-8 Class-1 3/21 | === Spring Recess No class === | |
| Week-8 Class-2 3/23 | === Spring Recess No class === | HW |
| Week-9 Class-1 3/28 | ASLR and Seccomp | Notes Video |
| Week-9 Class-2 3/30 | Shellcode development | Notes Video HW |
| Week-10 Class-1 4/4 | Format String Vulnerability | Notes Video |
| Week-10 Class-2 4/6 | Format String Vulnerability | Notes Video HW |
| Week-11 Class-1 4/11 | Return-oriented Programming | Notes Video |
| Week-11 Class-2 4/13 | Return-oriented Programming | Notes Video HW |
| Week-12 Class-1 4/18 | Return-oriented Programming | Notes Video |
| Week-12 Class-2 4/20 | Heap Exploitation | Notes Video HW |
| Week-13 Class-1 4/25 | Heap Exploitation | Notes Video |
| Week-13 Class-2 4/27 | Cache side-channel | Notes Video HW |
| Week-14 Class-1 5/2 | Meltdown | Notes Video |
| Week-14 Class-2 5/4 | Spectre | Notes Video HW |
| Week-15 Class-1 5/9 | Beyond 410 | Notes Video |
| Week-15 Class-2 5/11 | | HW |
| Final CTF 5/16 | | FinalCTF |

Resources

GDB Cheat Sheet
Tmux Cheat Sheet