Security
A.Y. 2023/2024
Learning objectives
This course we will explore the foundations of software security. We will consider important software vulnerabilities and attacks that exploit them -- such as buffer overflows, heap overflow and use after free -- and we will consider defenses that prevent or mitigate these attacks, including advanced testing and program analysis techniques such as symbolic execution and fuzzing.
Expected learning outcomes
Successful learners in this course will typically be able to apply basic low attack techniques such as buffer overflow, heap overflow. Moreover he/she will be able to understand the state-of-the-art of the defensive techniques along with such specific program testing and program analysis techniques for discovering memory errors in C/C++ languages. The student should have completed junior-level undergraduate work in a technical field, have some familiarity with programming, ideally in C/C++, and have prior exposure to algorithms.
Lesson period: First semester
Assessment methods: Esame
Assessment result: voto verbalizzato in trentesimi
Single course
This course cannot be attended as a single course. Please check our list of single courses to find the ones available for enrolment.
Course syllabus and organization
Single session
Responsible
Lesson period
First semester
Course syllabus
1) Modulo Low-Level Attacks
- Buffer Overflow
- Lab Buffer overflow
- Heap Overflow
- Lab Heap Overflow
- Use after Free (UAF)
- Lab UAF
2) Modulo Low-Level Security: Defense
- Memory Safety
- Type Safety + Avoid Exploitation
- ROP Return Oriented Programming
- ROP lab
- CFI
3) Modulo Static and Dynamic Flow Analysis
- Introduction
- Static Analysis
- Data Flow analysis
4) Modulo Symbolic Execution
- Symbolic Execution
- Lab of Symbolic Execution
- Buffer Overflow
- Lab Buffer overflow
- Heap Overflow
- Lab Heap Overflow
- Use after Free (UAF)
- Lab UAF
2) Modulo Low-Level Security: Defense
- Memory Safety
- Type Safety + Avoid Exploitation
- ROP Return Oriented Programming
- ROP lab
- CFI
3) Modulo Static and Dynamic Flow Analysis
- Introduction
- Static Analysis
- Data Flow analysis
4) Modulo Symbolic Execution
- Symbolic Execution
- Lab of Symbolic Execution
Prerequisites for admission
In order to fully benefit from the course, students interested in attending must possess the following requirements:
1- Proficiency in independently managing a Linux/Windows.
2- Ability to write simple programs in C.
3 - Familiarity with using an emulator such as QEMU or VMware.
Please note that students who do not meet these requirements can still enroll in the course. However, they will be responsible for independently acquiring the aforementioned knowledge and skills.
1- Proficiency in independently managing a Linux/Windows.
2- Ability to write simple programs in C.
3 - Familiarity with using an emulator such as QEMU or VMware.
Please note that students who do not meet these requirements can still enroll in the course. However, they will be responsible for independently acquiring the aforementioned knowledge and skills.
Teaching methods
The lessons are 4 hours long and are divided into two parts: a 2-hour theoretical lesson and a 2-hour laboratory session.
Teaching Resources
Reference sources include:
- Ariel Course Website
- GitHub repository Security Exercise/Training Platform of Pwn-College
- Slides provided by the instructor
- Papers related to the topic of the lesson
- Ariel Course Website
- GitHub repository Security Exercise/Training Platform of Pwn-College
- Slides provided by the instructor
- Papers related to the topic of the lesson
Assessment methods and Criteria
The evaluation criteria will be divided into two parts: a written component (quiz) covering the theoretical aspects of the course, and a practical component consisting of a hands-on exercise where students will have to solve exploitation exercises previously discussed in the lab sessions. The final grade will be calculated as a weighted average of the two scores.
Educational website(s)
Professor(s)