This is a graduate-level, research-oriented course. Its goal is to teach graduate students state-of-the-art techniques and tools and their applications to software security problems, including vulnerabilities and exploits, malware, patching, reverse engineering, and forensics. The course balances lectures, lab assignments, and projects so that students can grasp the core concepts, reinforce their understanding of these concepts through first-hand experience in lab assignments, and further explore unknowns via course projects.
We will use eLearn for announcements, assignments and grading, and Slack for Q&A and discussions.
Each student is responsible for presenting one or two papers in class for about 25 minutes and leading the discussion for about 15 minutes. A signup sheet will be provided for selecting which paper to present (first come, first served). Use your RMail to access it.
Each student is required to write reviews of at least 400 words for all the papers presented by students, before the papers are presented in class. A review must include the following aspects:
Each student needs to submit a research proposal and a term paper.
I am working on a web-based textbook for software security, which is available here. It is largely based on the lectures from this course. I am updating it while teaching this course.
| Monday | Wednesday |
|---|---|
| 03/30 Syllabus; Dynamic Binary Instrumentation | 04/01 Dynamic Binary Instrumentation; Dynamic Taint Analysis |
| 04/06 Dynamic Taint Analysis; Symbolic Execution | 04/08 Symbolic Execution |
| 04/13 | 04/15 |
| 04/20 | 04/22 |
| 04/27 | 04/29 |
| 05/04 | 05/06 |
| 05/11 | 05/13 |
| 05/19 | 05/21 |
| 05/25 Holiday | 05/27 |
| 06/01 | 06/03 |