CS 491: Software Vulnerability Analysis Readings

DateTopic and reading
Week 1
Tue, Aug 23Introduction
Reading
Thu, Aug 25Assembly primer and stack smashing
Reading
Week 2
Tue, Aug 30Constructing shellcode
No reading
Thu, Sep 01Project tutorial
No reading
Week 3
Tue, Sep 06Integer overflows and heap intro
Reading
Thu, Sep 08Memory safety vulnerabilities 1
Reading
Week 4
Tue, Sep 13Memory safety vulnerabilities 2
Reading
Thu, Sep 15Code reuse attacks
No reading
Week 5
Tue, Sep 20Return-Oriented Programming
Reading
Thu, Sep 22ROP defenses
Reading
Week 6
Tue, Sep 27Software Fault Isolation
Reading
Thu, Sep 29Control-flow Integrity
Reading
Week 7
Tue, Oct 04Breaking ROP-defenses
Reading
Thu, Oct 06Code-Pointer Integrity
Reading
Week 8
Tue, Oct 11Code-Pointer Integrity (part 2)
No reading
Thu, Oct 13Processor features for security
No reading
Week 9
Tue, Oct 18Return-oriented programing project tutorial
No reading
Thu, Oct 20No class: Work on project.
No reading
Week 10
Tue, Oct 25No class: Work on project.
No reading
Thu, Oct 27No class: Work on project.
No reading
Week 11
Tue, Nov 01ROP + mprotect
No reading
Thu, Nov 03Data as code
Reading
Week 12
Tue, Nov 08Heap spraying/JIT spraying
Reading
Thu, Nov 10Heap spraying defenses
Reading
Week 13
Tue, Nov 15Binary reverse-engineering
No reading
Thu, Nov 17Stack-reading
No reading
Week 14
Tue, Nov 22ASLR bypass
No reading
Thu, Nov 24No class: Thanksgiving
No reading
Week 15
Tue, Nov 29Secure network protocols
Reading
Thu, Dec 01Morris worm
No reading