Software Security Lecture 1 Introduction to the course Bing Mao maobing@nju.edu.cn Department of Computer Science 102
Software Security Lecture 1 : Introduction to the course Bing Mao maobing@nju.edu.cn Department of Computer Science
Outline Soltware Security Course Overview Description Course Overview Goal Gall Text Books Text Books Course Schedule Course Schedule Prerequisites Tentative Course Prerequisites Project Teaching Assistant Tentative Course Project Inttoduction to Soltware Socurity Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits Nanjng Uivarsiy
28 Software Security Course Overview Description Goal Text Books Course Schedule Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits Dept. of Computer Science, Nanjing University Outline Course Overview Description Goal Text Books Course Schedule Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits
Course Overview Soltware Security 3Course Overview Gnal Text Books This course is to examine various software vulnerabilities, Course Schedule Prerequisites review the literature how this problem was addressed,and Tentative Course discuss practical techniques and tools in fighting these threats Project from binary code analysis,symbolic execution,to operating Teaching Assistant Caidat lifocmcion system security,and hypervisor and even hardware based Introduction to solutions. Soltware Securit Nanjng Uivarsiy
28 Software Security 3 Course Overview Description Goal Text Books Course Schedule Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits Dept. of Computer Science, Nanjing University Course Overview This course is to examine various software vulnerabilities, review the literature how this problem was addressed, and discuss practical techniques and tools in fighting these threats from binary code analysis, symbolic execution, to operating system security, and hypervisor and even hardware based solutions
Course Overview Description Soltware Security Course Overview Deon Text Books Course Schedule Prerequisites Graduate and postgraduate level Tentatie Course Research oriented Project Teaching Assistant System and software security class Cadct lifocmcio Inttoduction to Soltware Socurity
28 Software Security Course Overview 4 Description Goal Text Books Course Schedule Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits Dept. of Computer Science, Nanjing University Course Overview Description I Graduate and postgraduate level I Research oriented I System and software security class
Course Overview Goal Soltware Security Course Overview (5 Cou Text Books Understand the low-level details of real software Course Schedule implementations Prerequisites Be familiar with state of the art software vulnerabilities Tentative Course Project Vulnerability discovery,memory exploits and defense Teaching Assistant techniques Caidct lifocmcion Introduction to Automated program analysis for the reverse engineering of Soltware Securit 4 binary code Nanjng Uivarsty
28 Software Security Course Overview Description 5 Goal Text Books Course Schedule Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits Dept. of Computer Science, Nanjing University Course Overview Goal I Understand the low-level details of real software implementations I Be familiar with state of the art software vulnerabilities I Vulnerability discovery, memory exploits and defense techniques I Automated program analysis for the reverse engineering of binary code
Text Books Soltware Security There are three main parts of the text books: Course Overview 1.Computer Systems:A Programmer's Perspective(CSAPP) Books Course Schedule Prerequisites Tentatie Course 深人理解计算机系统 Project Teaching Assistant Coidaet lifocmcio Introduction to Soltware Security 4d cowufEk iririMs 叫 Nanjng Uivarsiy
28 Software Security Course Overview Description Goal 6 Text Books Course Schedule Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits Dept. of Computer Science, Nanjing University Text Books There are three main parts of the text books: 1. Computer Systems: A Programmer’s Perspective (CSAPP)
Text Books Soltware Security 2.Hacking:The Art of Exploitation Course Overview 的 Text Books Hacking Course Schedule Prerequisites the art of exploitation Tentatie Course Project Teaching Assistant Coidaet lifocmcio Introduction to Soltware Security 4 Jon Erickson 28 Nanjng Uivarsiy
28 Software Security Course Overview Description Goal 7 Text Books Course Schedule Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits Dept. of Computer Science, Nanjing University Text Books 2. Hacking: The Art of Exploitation
Text Books Soltware Security Course Overview Gaal 3.Related paper for after-class B Text Books Course Schedule Prerequisites SoK:EternalWar in Memory Tentative Course Project Smashing The Stack For Fun And Profit Teaching Assistant Cadaet lifocmcio The Geometry of Innocent Flesh on the Introduction to Soltware Socurity Bone:Return-into-libc without Function Calls(on the x86) 4 And so on... Nanjng Urivarsiy
28 Software Security Course Overview Description Goal 8 Text Books Course Schedule Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits Dept. of Computer Science, Nanjing University Text Books 3. Related paper for after-class I SoK: EternalWar in Memory I Smashing The Stack For Fun And Profit I The Geometry of Innocent Flesh on the Bone:Return-into-libc without Function Calls (on the x86) I And so on
Course Schedule Soltware Security Introduction Basic computer system knowledge Course Overview Control Flow Hijacks Gnal Buffer Overflow Text Books Practical Control Flow Defense Course Schedule Memory exploit Prerequisites ROP Tentatie Course Control Flow Integrity Project Teaching Assistant Program Analysis Codct lifocmcio Program Representation Inttoduction to Soltware Socurity Dynamic Analysis Binary Instrumentation Static Analysis LLVM(optional) Symbolic Execution Vulnerabilitiy discovery Summary Software security and program analysis Nanjng Urivarsiy
28 Software Security Course Overview Description Goal Text Books 9 Course Schedule Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits Dept. of Computer Science, Nanjing University Course Schedule I Introduction I Basic computer system knowledge I Control Flow Hijacks I Buffer Overflow I Practical Control Flow Defense I Memory exploit I ROP I Control Flow Integrity I Program Analysis I Program Representation I Dynamic Analysis I Binary Instrumentation I Static Analysis I LLVM(optional) I Symbolic Execution I Vulnerabilitiy discovery I Summary I Software security and program analysis
Prerequisites Soltware Security Course Overview Gall Text Books The basic knowledge of computer architecture Course Schedule ELF 0)Prerequisites Tentative Course Stack Heap Project Assembly code(Intel x86) Teaching Assistant Cadct lifocmcio Computer Security basics Inttoduction to Soltware Socurity C/C++Programming in UNIX Nanjng Urivarsiy
28 Software Security Course Overview Description Goal Text Books Course Schedule 10 Prerequisites Tentative Course Project Teaching Assistant Contact Information Introduction to Software Security Background Root Cause of the Security Problems Vulnerability Exploits Dept. of Computer Science, Nanjing University Prerequisites I The basic knowledge of computer architecture I ELF I Stack Heap I Assembly code(Intel x86) I Computer Security basics I C/C++ Programming in UNIX