Archive for the ‘System Security and Binary Code Analysis’ Category


Course Overview

CS-6V81 is a graduate level, research oriented, system and software security course.

The goal of this course is to explain the low-level system details from compiler, linker, loader, to OS kernel and computer architectures, examine the weakest link in each system component, explore the left bits and bytes after all these transformations, and study the state-of-the-art offenses and defenses.

The learning outcome is students shall be able to understand how an attack is launched (e.g., how an expoit is created), and how to do the defense (e.g., developing OS patches, analyzing the binary code, and detecting intrusions)

In particular, we will cover

  • Memory exploits. We will investigate the unsafe but widely used system programming language C, cover typical vulnerabilities such as buffer overflows, format strings, integer overflows, etc. How to create robust shell code using such as ROP, HeapSpray.
  • OS Kernel Internals. What’s the behavior when a program is running on top of OS. Why we use paging. How virtual to physical address translation is performed. How MMU (e.g., TLB) helps this. How OS manage files, and disks. How can we model the program behavior when sitting at OS layer. We will use both Linux and Windows as working kernel.
  • Linker and Loader Internals. How a program can be dynamically linked, and what an attacker can do to cheat the system and meanwhile what we can do to protect the system.
  • Kernel-level Defense, how can we defend against the common exploits, techniques including such as ASR, and DEP, NX-bits.
  • User-level Defense. Safe library, Compiler extension, Binary Transformation/Rewriting, Runtime Verification.
  • Binary code reverse engineering. Static binary code analysis. Dynamic Binary code instrumentation. Data flow analysis, and control flow analysis. Malware packing and unpacking.

The class will also have a heavy-hands on project. Students could choose either to perform research (will work on a semester-long research topic of their choosing), or perform an engineering project.

Link : http://www.utdallas.edu/~zhiqiang.lin/spring2012.html

Regards,

m4n0w4r

Advertisements