Presently teaching at JHU-ISI in the Fall semesters.

Software Vulnerability Analysis, EN.650.660 (a.k.a., SVA)

Competent execution of security assessments on modern software systems requires extensive knowledge in numerous technical domains and a comprehensive understanding of security risks. This course provides the necessary background knowledge and examines relevant theories of software vulnerabilities and exploits in detail. Key topics include historical vulnerabilities, their corresponding exploits, and the associated risk mitigations. Fundamental tools and techniques for performing security assessments (e.g., software reverse engineering, static analysis, and dynamic analysis) are covered extensively. The course consists of lectures and assignments in which students learn to develop exploits for well-known historical vulnerabilities in a controlled environment. Students will complete and demonstrate a project as part of the course.

In the class, we:

  • explore software vulnerabilities conceptually (i.e., what aspects cause a general fault to also be a security problem)
  • cover my recommended process for discovering and addressing vulnerabilities in security assessments
  • review x86 assembly and fundamental operating system concepts (in preparation for learning my recommended process for reverse engineering)
  • cover static analysis techniques and tools that include: (1) reverse engineering source code designs, (2) reverse engineering binaries, and (3) disassembling and decompiling binaries
  • cover dynamic analysis techniques and tools that include: (1) debugging, (2) memory analysis, (3) fuzzing, and (4) symbolic/concolic execution
  • cover common vulnerability specifics and how to prevent/mitigate (e.g., unvalidated input, buffer overflows, heap corruption, format string, integer misuse, and so on)
  • cover advanced case studies on interesting public vulnerabilities for commercial operating systems

In the HW and labs, you:

  • develop exploits for many of the common vulnerabilities to better understand how the popular defensive measures help with mitigation
  • learn the use of relevant tools for reverse engineering, static analysis, and dynamic analysis

Fall 2018 student projects:

Team 1 - VirtualBox case study
Team 2 - Spectre case study
Team 3 - PortSmash case study
Team 4 - Hyperjacking lecture
Team 5 - Virus detection using machine learning
Team 6 - Mirai case study

Fall 2017 student projects:

Team 1 - Replay attacks & mitigation strategies lecture
Team 2 - Part 1, HTML injection, URL redirection, XSS
       - Part 2, CSRF
Team 3 - Linux.Encoder.1 ransomware case study
Team 5 - VPM machine learning (Firefox case study)
Team 6 - VPM machine learning and natural language processing lecture
Team 7 - IPC vulnerabilities lecture
Team 8 - Dirty COW vulnerability case study
Team 9 - VPM machine learning (PHP web applications case study)
Team 10 - Race condition vulnerabilities lecture
        - Exploiting race condition vulnerabilities demo
Team 11 - BlueBorne vulnerability case study
Team 12 - GOT exploits lecture
        - GOT exploit demo
Team 13 - DLL injection exploits case study

Fall 2016 student projects:

Team 1 - SQL injection
Team 2 - Software model checking
Team 3 - Shellshock case study
Team 4 - ROP on Linux
Team 5 - LaTeX exploits
Team 6 - Detecting Android malware dynamically
Team 7 - Windows heap overflows
