Course Introduction

CAP6135: Malware and Software Vulnerability Analysis
Cliff Zou
Spring 2009
Course Information

Teacher: Cliff Zou
    Office: HEC335 407-823-5015
    Email: czou@cs.ucf.edu
    Office hour: TuTh 3pm – 5pm
    TA: TBD
Course Webpage:
    http://www.cs.ucf.edu/~czou/CAP6135/index.html
    Use WebCourse for homework submissions and grading feedback
Online lecture video stream:
    FEEDS video
        http://feeds.ucf.edu/NEW_FEEDS/Online_classes.asp
        Usually video available the next day
    UCF Tegrity
        http://tegrity.ucf.edu/listallcourses/listing.aspx
        Recorded by myself via my Tablet PC
        Video available two hours after each lecture
Objectives

Learn software vulnerability
    Underlying reason for most computer security problems
    Buffer overflow: stack, heap, integer
    Buffer overflow defense:
        stackguard, address randomization …
        http://en.wikipedia.org/wiki/Buffer_overflow
    How to build secure software
    Software assessment, testing
        E.g., Fuzz testing
Objectives

Learn computer malware:
    Malware: malicious software
    Viruses, worms, botnets
    Email virus/worm, spam, phishing
    Spyware, adware
    Trojan, rootkits, …
A good resource for reading:
    http://en.wikipedia.org/wiki/Malware
Learn their characteristics
Learn how to detect
Learn how to defend
Objective

Learn state-of-the-art research on malware and software security
    Paper reading/presentation for selected milestone papers on related research topics
    Lecture session students:
        Need to participate in presentation, in-class discussion
    Video streaming students:
        Need to read paper, write review, and comment on in-class students' presentations
        Your evaluation will be fed back to the presenter!
Course Materials

No required textbook. Reference books:
    Building Secure Software: How to Avoid Security Problems the Right Way by John Viega, Gary McGraw
    Software Security: Building Security In (Addison-Wesley Software Security Series) (Paperback) by Gary McGraw
    19 Deadly Sins of Software Security (Security One-off) by Michael Howard, David LeBlanc, John Viega
    Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson
Reference courses:
    CS161: Computer Security, by Dawn Song from UC Berkeley
    Software Security, by Erik Poll from Radboud University Nijmegen
    Introduction to Software Security, by Vinod Ganapathy from Rutgers
    Wikipedia: Great resource and tutorial for initial learning
Other references as we go on:
    First time teaching it, learn as it goes on
Course Introduction


Coursework                  face-to-face    online streaming
In-class presentation       20%             N/A
In-class participation      10%             N/A
Paper review reports        N/A             25%
Homework                    15%             20%
Program projects            25%             25%
Final term project          30%             30%

Paper presentation
    About half of the course time
    The other half is my lecture time
    Only face-to-face students participate
    Online students:
        Write reports on presented papers
        Comment on student presentation

Course Introduction

Programming projects
    Probably will have 2 to 3 programming projects
    Example:
        stack buffer overflow, software fuzz testing, Internet worm propagation simulation
Term project is a research-like project
    Two students as a group
        Or by yourself if you cannot find a partner if you are an online student
    Find topics by yourself
        Must be related to malware and software security
    In-class short presentation of your project proposal
    Will have term project in-class presentation in final exam period

Questions?