cap6135: malware and software vulnerability analysis cliff zou spring 2009
DESCRIPTION
3 Objectives Learn software vulnerability Underlying reason for most computer security problems Buffer overflow: stack, heap, integer Buffer overflow defense: stackguard, address randomization … How to build secure software Software assessment, testing E.g., Fuzz testingTRANSCRIPT
CAP6135: Malware and Software Vulnerability Analysis
Cliff ZouSpring 2009
2
Course Information Teacher: Cliff Zou
Office: HEC335 407-823-5015 Email: [email protected] Office hour: TuTh 3pm – 5pm TA: TBD
Course Webpage: http://www.cs.ucf.edu/~czou/CAP6135/index.html Use WebCourse for homework submissions, and grading
feedback Online lecture video stream:
FEEDS video http://feeds.ucf.edu/NEW_FEEDS/Online_classes.asp Usually video available the next day
UCF Tegrity http://tegrity.ucf.edu/listallcourses/listing.aspx Recorded by myself via my Tablet PC Video available two hours after each lecture
3
Objectives Learn software vulnerability
Underlying reason for most computer security problems
Buffer overflow: stack, heap, integer Buffer overflow defense:
stackguard, address randomization … http://en.wikipedia.org/wiki/Buffer_overflow
How to build secure software Software assessment, testing
E.g., Fuzz testing
4
Objectives Learn computer malware:
Malware: malicious software Viruses, worms, botnets Email virus/worm, spam, phishing Spyware, adware Trojan, rootkits,….
A good resource for reading: http://en.wikipedia.org/wiki/Malware
Learn their characteristics Learn how to detect Learn how to defend
5
Objective Learn state-of-art research on malware
and software security Paper reading/presentation for selected
milestone papers on related research topics Lecture session students:
Need to participate in presentation, in-class discussion
Video streaming students: Need to read paper, write review, and comments
on in-class student’s presentation Your evaluation will feedback to presenter!
6
Course Materials No required textbook. Reference books:
Building Secure Software: How to Avoid Security Problems the Right Way by John Viega, Gary McGraw
Software Security: Building Security In (Addison-Wesley Software Security Series) (Paperback) Gary McGraw
19 Deadly Sins of Software Security (Security One-off) by Michael Howard, David LeBlanc, John Viega
Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson Reference courses:
CS161: Computer Security, By Dawn Song from UC, Berkley. Software Security, by Erik Poll from Radboud University Nijmegen. Introduction to Software Security, by Vinod Ganapathy from Rutgers Wikipiedia: Great resource and tutorial for initial learning
Other references as we go on: First time to teach it, learn as it goes on
7
Course Introduction Coursework face-to-face online streaming
In-class presentation 20% N/A In-class participation 10% N/A Paper review reports N/A 25% Homework 15% 20% Program projects 25% 25% Final term project 30% 30%
Paper presentation About half of the course time The other half is my lecture time Only face-to-face students participate Online students:
Write reports on presented papers Comment on student presentation
8
Course Introduction Programming projects
Probably will have 2 to 3 programming projects
Example: stack buffer overflow, software fuzz testing,
Internet worm propagation simulation Term project is a research like project
Two students as a group Or yourself if you cannot find a partner if you are an online
student Find topics by yourself
Must related to malware and software security In-class short presentation of your project proposal
Will have term project in-class presentation in final exam period
9
Questions?