CSCI 2951U investigates the state-of-the-art in software exploitation and defense. More specifically, the course is structured as a seminar where students present (along with the instructor) research papers to their peers. We will begin with a summary of prevalent software defects, typically found in applications written in memory-unsafe languages, like C/C++, and proceed to surveying what we are up against: traditional and modern exploitation techniques, ranging from classical code injection and code reuse up to the newest goodies (e.g., JIT-ROP, Blind ROP). For the most part, we will be focusing on the latest advances in protection mechanisms, mitigation techniques, and tools against modern vulnerability classes and exploitation methods.
Every week we will be discussing (a set of) research papers. Students are expected to read the assigned papers and write a short review (critique) before each class. In addition, one (or more) student(s) will do a short presentation about each paper for the day, which will be the starting point for our discussion(s).
In parallel, students will work on a semester-long project, on an open research problem, related to the topics covered in the course. Projects can have an offensive or defensive focus, or both, while projects relating to the students' own research interests are strongly encouraged—provided they also fit with the theme of the class.
Everyone, apart from the presenter(s), is expected to read the assigned reading(s) for the week and submit a constructive critique (review). The reviews should: (a) be at most a page long; (b) provide a summary of the assigned paper(s); (c) discuss the pros and cons of the proposed idea, protection mechanism, or bypass technique; and (d) conclude with at least two thought-provoking questions regarding the material covered, along with a brief direction of future work.
Each student will be presenting a (set of) research paper(s) to the class, and will be evaluated on the following:
The (semester-long) course project entails working on an open research problem, which can be defensive or offensive in nature (or both), and submitting (to the instructor) a workshop-quality research paper. Note that although the project may rely on concepts learned from existing papers, it must also introduce new ideas. Validation of prior work (i.e., in terms of effectiveness and/or performance) is permitted, but, in such cases, a more thorough analysis of the original work's strengths and weaknesses must be undertaken.
You are free to discuss technical issues regarding the assigned readings, or your project, with your peers. You may use outside sources of information for your project and/or presentation(s), but you must cite them. Every write-up (i.e., paper review, project report, code, or presentation) must be entirely your