Overview
- Course: CY 5770 – Software Vulnerabilities and Security
- Semester: Spring 2025
- Instructor: Ziming Zhao
- Teaching Assistant: Sagar Mohan
- Schedule: Wednesdays, 6:00 PM – 9:20 PM, Cargill Hall 094
This course provides an understanding of theories, principles, techniques, and tools used for software and system hacking and hardening. Topics include binary reverse engineering, vulnerability analysis, exploit development, and defensive solutions.
Topics
- Stack-based buffer overflow attacks
- Heap security vulnerabilities
- Format string vulnerabilities
- Return-oriented programming (ROP)
- Shellcode development
- Defensive mechanisms (canaries, shadow stacks, ASLR, control-flow integrity)
- Cache side-channel attacks
Assessments
- Lab assignments
- Midterm CTF competition
- Final CTF competition