Secure Programming II

Homepage People Research Teaching
Abstract
Topics
Prerequisites
Location
Dates and Times
Slides
Standings
Ratings
Challenges
Environment
Examination
Registration

Secure Programming II (SecProg 2) @ Institute Eurecom

Lecturers

Engin Kirda (Institute Eurecom)

For correspondence, send a mail to secprog@iseclab.org

News

  1. 22.01.2010 Challenge 8 is online. Good luck!
  2. 08.12.2010 Challenge 7 is online. Good luck!
  3. 11.12.2010 Challenge 6 is online. Good luck!
  4. 04.12.2009 Challenge 5 is online. Good luck!
  5. 02.12.2009 Challenge 5 will be announced on 04.12, 15.00.
  6. 20.11.2009 Challenge 4 is online. Good luck!
  7. 19.11.2009 Challenge 4 will be announced on 20.11, 15.00.
  8. 06.11.2009 Challenge 3 is online. Good luck!
  9. 05.11.2009 Challenge 3 will be announced on 06.11, 13.30.
  10. 30.10.2009 Challenge 2 is online. Good luck!
  11. 28.10.2009 Challenge 2 will be announced on 30.10, 16.00.
  12. 15.10.2009 Challenge 1 will be announced on 16.10, 16.00.
  13. 07.10.2009 The page for SecProg 2 has been created and updated. The first lecture will be on Friday, 9th of October.

Abstract

Secure Programming II (i.e., SecProg 2) serves as a continuation for the class Secure Programming . The idea is to present problems in more detail and allow students to apply their knowledge in practical exercises. Because the class will feature a number of programming exercises, students are required to have considerable programming experience. The lecture deals with common programming mistakes and ways to detect and avoid them. Examples are used to highlight general error classes, such as stack and heap overflows.

Topics

  • Operating system security and vulnerabilities (UNIX, Windows, stack and heap overflows)
  • Windows Security
  • Buffer Overflows (including Heap overflow)
  • Fuzzing
  • Reverse engineering and binary analysis
  • Viruses, worms, malware and malicious code
  • Underground economy
  • Botnets
  • Social Networks

Prerequisites

  • Time! ;-) == You will be programming every week or so!
  • good programming/developing skills (C - x86 assembler advantageous)
  • Secure Programming
  • Experience with Linux and Windows

Assignments

There are a set of "challenges" that the students are required to solve. These challenges are security-related programming assignments (e.g., buffer overflows, application cracking, virus coding, etc.).

The challenges will be announced on a regular basis, most of them following the content of the lectures.

Location, Dates and Times

There are lectures every week. Lectures are held on Fridays in EC06 at 13.30 (prompt).

Slides

Here, you will find the PDF version of all presented slides.

29.01.2010, Time devoted to Lab
22.01.2010, Lecture 12 slides
15.01.2010, Lecture 11 slides
08.01.2010, Lecture 10 slides
18.12.2009, Lecture 9 slides
11.12.2009, Lecture 8 slides
04.12.2009, Lecture 7 slides
27.11.2009, Lecture 6 slides
20.11.2009, Lecture 5 slides
06.11.2009, Time devoted to Lab
30.10.2009, Lecture 4 slides
23.10.2009, Lecture 3 slides
16.10.2009, Lecture 2 slides
09.10.2009, Lecture 1 slides

Examination

There will be an exam at the end of the course, in February.

Registration

The SecProg II registration will start on the 12th of October and will continue until the 26th of October. Details for registration will be announced during the first lecture.
Last Modified: Wed Jan 27 09:41:51 CET 2010

International Secure Systems Lab www.iseclab.org