CSC-405 Computer Security


Date Topic Discussions (do readings before class)  
01/07 Introduction (slides, hackpack)    
01/14 Shellcode (slides) x86 Assembly Guide (link)  
01/21 Linux Security (slides)    
01/28 Reverse Engineering (slides) Reverse Engineering Tutorial (link), Radare2 Book (link)  
02/04 Control-flow hijack attacks (slides) Smashing The Stack For Fun And Profit (link)  
02/11 Stack Canaries & ASLR (slides) NOEXEC and StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks (link) [USENIX Sec’98]  
02/18 Return-into-libc & ROP (slides) Advanced return-into-lib(c) exploits (PaX case study) (link)  
02/25 NDSS Symposium 2020 - No class take a look at the accepted papers of the conference  
03/03 Midterm Exam    
03/10 Spring Break - No class    
03/17 COVID-19 madness class becomes online-only from this point on  
online Web Security (slides) Intro  
online Web Security (slides) More intro  
online Web Security (slides) SQL Injections  
online Web Security (slides) HTML+JavaScript  
online Web Security (slides) AJAX & web frameworks  
online Web Security (slides) Client-side Attacks & Isolation  
online Web Security (slides) Session Fixation and other attacks  
online Web Security (slides) XSS Attacks  
04/17 HackPack CTF Capture the Flag event for the class that is open to the public, join here  
04/27 Final Exam online web security assignment