Overview

CSCI 1650 covers software exploitation techniques and state-of-the-practice mechanisms for hardening software. The course begins with a summary of prevalent software defects, typically found in applications written in memory unsafe languages, like C/C++, and proceeds with studying traditional and modern exploitation techniques, ranging from classical code injection and code reuse up to the latest goodies (e.g., JIT-ROP). It also covers defenses against certain vulnerability classes and the way(s) to bypass them. Students will be introduced to advanced software exploitation techniques and countermeasures, and study (in depth) the boundaries and effectiveness of standard hardening mechanisms, such as address space randomization and stack and heap protections.

Prerequisites

Grading

10% Participation (Ed Discussion)
90% Assignments (CTF-like write-ups)
0% Midterm
0% Final

Acknowledgments

This course would not be possible without the support and assistance of the following people:

Meetings

Instructor

Vasileios (Vasilis) Kemerlis

Teaching Assistants

Oren Kohavi (HTA)
  • echo @cs.brown.edu|sed 's/^/okohavi/'
  • CIT 348 + Zoom (Wed. 12PM – 2PM)
Austin Phan (TA)
  • echo @cs.brown.edu|sed 's/^/aphan11/'
  • CIT 102 + Zoom (Sun. 2PM – 4PM)
Hayley Kang (TA)
  • echo @cs.brown.edu|sed 's/^/hkang39/'
  • Zoom (Sat. 2PM – 4PM)
Isha Mody (TA)
  • echo @cs.brown.edu|sed 's/^/imody/'
  • Zoom (Mon. 6PM – 8PM)
Kathy Li (TA)
  • echo @cs.brown.edu|sed 's/^/kli117/'
  • Zoom (Fri. 9:30AM – 11:30AM)
Keitaro Nishijima (TA)
  • echo k^nishiji@cs.brown.edu|tr -d ^
  • Zoom (Thu. 8PM – 10PM)
Maya Fleischer (TA)
  • echo m^fleisc1@cs.brown.edu|tr -d ^
  • Zoom (Mon. 4PM – 6PM)
Riyao Lin (TA)
  • echo @cs.brown.edu|sed 's/^/rlin45/'
  • Zoom (Wed. 8:30PM – 10:30PM)
Stephen Rosa (TA)
  • echo @cs.brown.edu|sed 's/^/srosa5/'
  • CIT 348 + Zoom (Tue. 12PM – 2PM)
Treetased Vividhwara (TA)
  • echo t^vividhw@cs.brown.edu|tr -d ^
  • CIT 348 + Zoom (Thu. 12PM – 2PM)

Announcements

09/25/2023 Lecture 0x6 posted.
09/20/2023 Lecture 0x5 posted.
09/18/2023 Lecture 0x4 posted.
09/13/2023 Lecture 0x3 posted.
09/11/2023 Lecture 0x2 posted.
09/06/2023 Lecture 0x1 posted.
09/06/2023 Welcome to CSCI 1650!