CSCI 1951H covers software exploitation techniques and state-of-the-art mechanisms for protecting (vulnerable) software. The course begins with a summary of prevalent software defects, typically found in applications written in memory unsafe languages, like C/C++, and proceeds with studying traditional and modern exploitation techniques, ranging from classical code injection and code reuse up to the newest goodies (e.g., JIT-ROP, Blind ROP). For the most part, it focuses on defenses against certain vulnerability classes and the way(s) to bypass them. Students will be introduced to advanced software exploitation techniques and countermeasures, and study (in depth) the boundaries and effectiveness of standard hardening mechanisms, such as address space randomization and stack and heap protections.
10% | Participation |
---|---|
60% | Assignments (CTF-like write-ups) |
10% | Midterm |
20% | Final |
echo @cs.brown.edu|sed 's/^/vpk/'
echo @cs.brown.edu|sed 's/^/lcamery/'
12/12/2016 | Final exam. |
---|---|
12/05/2016 | Final is on 12/12/2016. |
12/05/2016 | Assignment 0x3 is due today. |
12/05/2016 | Lecture 0xb posted. |
11/28/2016 | Assignment 0x3 is due on 12/05/2016. |
11/28/2016 | Lecture 0xa posted. |
11/21/2016 | Assignment 0x3 posted. |
11/21/2016 | Assignment 0x2 is due today. |
11/21/2016 | Lecture 0x9 posted. |
11/14/2016 | Assignment 0x2 is due on 11/21/2016. |
11/14/2016 | Lecture 0x8 posted. |
11/07/2016 | Assignment 0x2 posted. |
11/07/2016 | Assignment 0x1 is due today. |
11/07/2016 | Lecture 0x7 posted. |
10/31/2016 | Assignment 0x1 is due on 11/07/2016. |
10/31/2016 | Midterm exam. |
10/31/2016 | Lecture 0x6 posted. |
10/24/2016 | Assignment 0x1 posted. |
10/24/2016 | Midterm is on 10/31/2016. |
10/24/2016 | Lecture 0x5 posted. |
10/17/2016 | Lecture 0x4 posted. |
10/10/2016 | No class today. |
10/03/2016 | Hack Day! |
09/26/2016 | Lecture 0x3 posted. |
09/19/2016 | Lecture 0x2 posted. |
09/12/2016 | Lecture 0x1 posted. |
09/07/2016 | Welcome to CSCI 1951H! |