Computer Science 390R - ReverseEngin&VulnrbltyAnalysis

Many software developers aren't aware of how to properly write secure code. This course covers practical skills in reverse engineering and binary exploitation, and examines the techniques used by hackers in recent major security incidents. The course objective is to provide students with a strong understanding of attack patterns, and to ensure students implement more secure coding practices in their own code. This course begins with an introduction to Intel-based assembly, reverse engineering, vulnerability analysis, and various forms of Linux-focused binary exploitation. The course then covers stack, heap and Linux kernel-based exploitation, and dive into common defensive mitigations such as ASLR, NX and Stack Cookies alongside techniques to bypass each of them. This course counts as a CS Elective for the CS Major (BA or BS).

Open to juniors and seniors in Computer Science or Informatics. COMPSCI 230 or ECE 322/373 w C THIS COURSE IS FOCUSED ON LOW-LEVEL SOFTWARE WRITTEN IN C. AN UNDERSTANDING OF THE TOPICS COVERED IN COMPSCI 230 IS REQUIRED. ALTHOUGH OPEN TO INFORM MAJORS, THIS COURSE DOES NOT COUNT AS AN INFORM ELECTIVE. JUNIOR AND SENIOR CSENG MAJORS WHO MEET PREREQUISITE WILL BE CONSIDERED IF AVAILABLE SEATS. STUDENTS NEEDING SPECIAL PERMISSION MUST REQUEST OVERRIDES VIA THE ON-LINE FORM: http://www.cics.umass.edu/overrides.