(Formerly CSCI1951-H)

Software Security and Exploitation

Course Home Page:
Location:Online / Asynchronous
Meeting Time:T hour: M,W 3:00-4:20
Offered this year?Yes
When Offered?Every year


Covers software exploitation techniques and state-of-the-art mechanisms for protecting (vulnerable) software. It begins with a summary of prevalent software defects, typically found in applications written in memory unsafe languages, like C/C++, and proceeds with studying traditional and modern exploitation techniques, ranging from classical code-injection and code-reuse up to the newest goodies (just-in-time code reuse). For the most part, it focuses on defenses against certain vulnerability classes and exploitation methods. Students will learn about the boundaries and effectiveness of virtualization, stack and heap protections, and address space randomization, and analyze advanced exploitation techniques and countermeasures.

CRN: 16585