Software Security and Exploitation
|Meeting Time:||MW 1:00-2:20|
|Exam Group:||05: 13-DEC-2019 Exam Time: 02:00:00 PM|
|Offered this year?||Yes|
|When Offered?||Every year|
Covers software exploitation techniques and state-of-the-art mechanisms for protecting (vulnerable) software. It begins with a summary of prevalent software defects, typically found in applications written in memory unsafe languages, like C/C++, and proceeds with studying traditional and modern exploitation techniques, ranging from classical code-injection and code-reuse up to the newest goodies (just-in-time code reuse). For the most part, it focuses on defenses against certain vulnerability classes and exploitation methods. Students will learn about the boundaries and effectiveness of virtualization, stack and heap protections, and address space randomization, and analyze advanced exploitation techniques and countermeasures.