3. 강의목표
Course Overview:
- The intended audience of this course is graduate students who are interested in studying practical software security. We will cover advanced techniques for analyzing binaries, crafting exploits for security vulnerabilities, and developing mitigation strategies. Students will engage in hands-on Capture-The-Flag (CTF) style lab challenges to actively apply and practice the techniques learned.
Course Goals:
- Recognize various classes of security vulnerabilities
- Develop skills in exploiting security vulnerabilities
- Study how to effectively mitigate security vulnerabilities
4. 강의선수/수강필수사항
Recommended:
- CSED211: Introduction to Computer SW Systems
- CSED415: Computer Security
5. 성적평가
- Lab assignments: 70%
- Midterm exam: 15%
- Final exam: 15%
7. 참고문헌 및 자료
- Phrack Magazine: http://www.phrack.org/
8. 강의진도계획
- Week 1: x86, GDB
- Week 2: x86_64, Decompilers
- Week 3: Shellcode
- Week 4: Stack Buffer Overflow
- Week 5: Stack Buffer Overflow (2)
- Week 6: Stack Smash Protection
- Week 7: NX and ASLR
- Week 8: Midterm Exam
- Week 9: Format String Bugs
- Week 10: Return-Oriented Programming
- Week 11: Advanced ROP
- Week 12: Remote Exploitation
- Week 13: Logic Bugs
- Week 14: Heap Exploitation
- Week 15: Review
- Week 16: Final Exam
Please note that the plan may change.
9. 수업운영
- Discuss attack and defense techniques
- Practice techniques through lab challenges
11. 장애학생에 대한 학습지원 사항
- 수강 관련: 문자 통역(청각), 교과목 보조(발달), 노트필기(전 유형) 등
- 시험 관련: 시험시간 연장(필요시 전 유형), 시험지 확대 복사(시각) 등
- 기타 추가 요청사항 발생 시 장애학생지원센터(279-2434)로 요청