Schedule¶
The schedule will change as the course progresses, in part based on student interests. If you are particularly interested in some topic not covered here, send mail to the course staff.
| Monday | Tuesday | Wednesday | Thursday | Friday |
| Aug 25 First day of the class |
Aug 26 LEC 1: Course Intro & Preliminary Rev. Engineering #1 lec01.pptx Preparation: What really happened on Mars Rover Pathfinder? Preparation: Nearly 3 Years Later, SolarWinds CISO Shares 3 Lessons From the Infamous Attack |
Aug 27 | Aug 28 LEC 2: Code compilation and binary generation; system architecture basic; calling conventions and binary ABI lec01-x86-assembly.pptx lec01-tools.pptx Preparation: Smashing The Stack For Fun And Profit Resource: x86 Assembly Guide Resource: Intel Code Table Resource: Assembly-HOWTO Resource: Intel vs AT&T format Resource: Linux assemblers: A comparison of GAS and NASM |
Aug 29 |
| Sep 1 | Sep 2 LEC 3: x86 assembly I; intro to debugging & reversing toolchains Resource: Intel® 64 and IA-32 Architectures Software Developer’s Manual Resource: x86 and amd64 instruction reference Resource: GDB tutorials gdb1, gdb2 Resource: pwndbg, gef Resource: List of useful tools for the class Resource: GNU Make Manual Resource: Intel vs. AT&T syntax Assigned: Unit 1 |
Sep 3 | Sep 4 LEC 4: x86 assembly II; calling conventions; data encoding Preparation: Read Where the top of the stack is on x86 Preparation: Read Stack frame layout on x86-64 Resource: Radare2 resources Resource: how debugger works (part1) (part2) (part3) |
Sep 5 |
| Sep 8 | Sep 9 LEC 5: Basic system and binary attacks; ELF format; loading and dynamic linking programs Resource: ELF loading and linking |
Sep 10 | Sep 11 LEC 6: x86 shellcoding; how system call works; basic system defenses DUE: Unit 1 Assigned: Unit 2 |
Sep 12 |
| Sep 15 | Sep 16 LEC 7: Program loading and process instantiation PPTX Preparation: Read Anatomy of a system call Part1, Part2 Resource: shellcoding tutorial Resource: shellcode-template.tar.bz2 Resource: Shellcodes database Resource: Inline assembly Resource: shellcode-template-arm.tar.bz2 |
Sep 17 | Sep 18 LEC 8: Code hijacking attacks I; stack overflow attack; shellcoding attack Resource: vimrc, .gdbinit, .tmux.conf .pythonrc.py Resource: x86 (32-bit) syscall table Resource: x86 (64-bit) syscall table |
Sep 19 |
| Sep 22 | Sep 23 LEC 9: Code hijacking attacks II; system mitigations lec05-mitigation TOPIC 1: Stack canaries TOPIC 2: DEP/NX TOPIC 3: ASLR intro |
Sep 24 | Sep 25 LEC 10: Code encoding and binary disassmebly challenges Resource: ARM architecture reference manual Resource: ARMv7 cheatsheet Resource: ARM reference Resource: ARM thumb |
Sep 26 |
| Sep 29 | Sep 30 LEC 11: System security mitigation DUE: Unit2 Resource: Linux mov is Turing-complete Resource: Linux x86 Program Start Up Resource: How to get run ELF binary, How programs get run Resource: Anatomy of a Program in Memory Assigned: Unit3 |
Oct 1 | Oct 2 LEC 12: ASLR defenses; ROP attacks and defenses Resource: The Performance Cost of Shadow Stacks and Stack Canaries Resource: Weird Machine |
Oct 3 |
| Oct 6 | Oct 7 LEC 13: ROP and Format String attacks lec07-fsv.pptx TUT 4: inscounts example tutorial Resource: The Anatomy of an Executable, The ELF Object File Format by Dissection Resource: Read Pin - A Dynamic Binary Instrumentation Tool Resource: Pintool tutorial Resource: PIN User guide Resource: inscounts.tar.gz |
Oct 8 | Oct 9 LEC 14: Binary Instrumentation with PIN lec07-pintools.pptx Resource: LiveOverflow: Global Offset Table (GOT) and Procedure Linkage Table (PLT) - bin 0x12 |
Oct 10 |
| Oct 13 Mid-term week |
Oct 14 Mid-term week |
Oct 15 Mid-term week |
Oct 16 Mid-term week |
Oct 17 Mid-term week |
| Oct 20 | Oct 21 LEC 15: Binary instrumentation and binary translators I lec08.pptx DUE: Unit3 Assigned: Unit4 Unit4 descrpiption Resource: Read DynamoRio paper Resource: Online assembler/disassembler |
Oct 22 | Oct 23 LEC 16: Inline reference monitors lec09.pptx Preparation: libdft Resource: Inline reference monitors Resource: libdft-talk.pptx Resource: libdft source Resource: libdft64 source |
Oct 24 |
| Oct 27 | Oct 28 LEC 17: Inline reference monitors II Resource: SoK: Using Dynamic Binary Instrumentation for Security |
Oct 29 | Oct 30 LEC 18: Virtualization basics and principles I |
Oct 31 |
| Nov 3 | Nov 4 LEC 19: Virtualization basics and principles II lec10-virtualization.pptx |
Nov 5 | Nov 6 LEC 20: Code emulation and light-weighted virtualization (e.g., containers) lec11-container.pptx Preparation: SubVirt: Implementing malware with virtual machines DUE: Unit4 Part1 |
Nov 7 |
| Nov 10 | Nov 11 LEC 21: Special topic I --- HDL decompilation and security analysis Preparation: PyLingual: Toward Perfect Decompilation of Evolving High-Level Languages |
Nov 12 | Nov 13 LEC 22: Static binary rewriting and decompilation I Preparation: Reassembly is Hard: A Reflection on Challenges and Strategies |
Nov 14 |
| Nov 17 | Nov 18 LEC 23: Static binary rewriting and decompilation II Preparation: Read Running the “Reflections on Trusting Trust” Compiler Preparation: Read Reflection on Trusting Trust by Ken Thompson, Turing Award lecture, 1984. DUE: Unit4 Part2 Assigned: Unit 5 |
Nov 19 | Nov 20 LEC 24: Speicial topic II -- Data-driven Analysis for Cybersecurity; Provenace-based ML Security Resource: Binary Rewriting without Control Flow Recovery Resource: E9Patch |
Nov 21 |
| Nov 24 Thanks giving |
Nov 25 Thanks giving |
Nov 26 Thanks giving |
Nov 27 Thanks giving |
Nov 28 Thanks giving |
| Dec 1 | Dec 2 LEC 25: Symbolic execution and program fuzzing Preparation: angr: a platform for binary analysis Resource: angr |
Dec 3 | Dec 4 LEC 26: Hardware security issues and mitigations |
Dec 5 |
| Dec 8 | Dec 9 LEC 27: Hardware security issues and mitigations II |
Dec 10 | Dec 11 | Dec 12 |