Computer Science 590AF - Reverse Engin & Exploit Dev

Software is everywhere and many developers aren't aware of how to properly write secure code. We will cover practical skills in reverse engineering and binary exploitation and delve into the techniques used by adversaries for some of the largest security incidents of the century. With a strong understanding of attack patterns, students will be able to implement more secure coding practices into their own code and defend against these attacks. This course will start by covering Intel-based assembly, reverse engineering, vulnerability analysis, and various forms of Linux-focused binary exploitation. Throughout this course, we will cover stack, heap, and Linux kernel-based exploitation and dive into common defensive mitigations such as ASLR, NX, and Stack Cookies alongside techniques to bypass each of them. This course will be focused on low-level software written in C, which is why an understanding of the topics covered in CS230 is assumed (and required for undergraduates). This course counts as a CS Elective for the CS Major.

Open to junior and senior COMPSCI, INFORM, and CS-ENG students who received a grade of C or better in COMPSCI 230 or E&C-ENG 322. MEETS WITH COMPSCI 367 (PREVIOUSLY 390R). LEC 01 FOR UNDERGRADS; LEC 02 FOR GRADS. ALTHOUGH OPEN TO INFORM MAJORS, THIS COURSE IS NOT ON THE LIST OF PRE-APPROVED INFORM ELECTIVES. SEATS HELD FOR INCOMING GRADUATE STUDENT REGISTRATION. STUDENTS NEEDING SPECIAL PERMISSION MUST REQUEST OVERRIDES VIA THE ON-LINE FORM: https://www.cics.umass.edu/academics/course-overrides