CAP6135: Malware and Software Vulnerability Analysis Cliff Zou Spring 2011 Course Information Teacher: Cliff Zou Course Webpage: Office: HEC335 407-823-5015 Email: czou@cs.ucf.edu Office hour: TuTh 12:30pm – 2:30pm Course time: Tuesday/Thursday 3pm – 4:15pm http://www.cs.ucf.edu/~czou/CAP6135/index.html Use WebCourse for homework submissions, and grading feedback Online lecture video stream: UCF Tegrity http://tegrity.ucf.edu/listallcourses/listing.aspx Recorded by myself via my Tablet PC Video available usually two hours after each lecture Right now, it is only viewable by online session students 2 Prerequisites C programming language Knowledge on computer architecture For our program projects Know stack, heap, memory Knowledge on OS, algorithm, networking Basic usage of Unix machine We will need to use Unix machine in our department: eustis.eecs.ucf.edu, for programming projects 3 Objectives Learn software vulnerability Underlying reason for most computer security problems Buffer overflow: stack, heap, integer Buffer overflow defense: stackguard, address randomization … http://en.wikipedia.org/wiki/Buffer_overflow How to build secure software Software assessment, testing E.g., Fuzz testing 4 Objectives Learn computer malware: A good resource for reading: Malware: malicious software Viruses, worms, botnets Email virus/worm, spam, phishing, pharming Spyware, adware Trojan, rootkits,…. http://en.wikipedia.org/wiki/Malware Learn their characteristics Learn how to detect, monitoring Learn how to defend 5 Objective Learn state-of-art research on malware and software security Paper reading/presentation for selected milestone papers on related research topics Lecture session students: Required to participate in presentation of assigned papers, in-class discussion Online students: Read assigned paper, write review Comment on in-class student’s presentation Your evaluation will feedback to presenter! 6 Course Materials No required textbook. Reference books: Building Secure Software: How to Avoid Security Problems the Right Way by John Viega, Gary McGraw Software Security: Building Security In (Addison-Wesley Software Security Series) (Paperback) Gary McGraw 19 Deadly Sins of Software Security (Security One-off) by Michael Howard, David LeBlanc, John Viega Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson Reference courses: CS161: Computer Security, By Dawn Song from UC, Berkley. Software Security, by Erik Poll from Radboud University Nijmegen. Introduction to Software Security, by Vinod Ganapathy from Rutgers Wikipiedia: Great resource and tutorial for initial learning Other references as we go on: 7 Grading Guideline Coursework face-to-face In-class presentation 20% In-class participation 10% Paper review reports N/A Homework 10% Program projects 30% Final term project 30% 8 online streaming N/A N/A 30% 10% 30% 30% Course Assignment – face-to-face students Paper presentation Occupy about 1/3 of the course time Each class will have two students present two selected milestone papers Students are required to participate and provide discussion Discussion will count in your grade! The other 2/3 time is my lecture time Only for face-to-face students 9 Course Assignment – Online students Write reports on 50% of presented papers Provide comments on student presentation in your reports Enforce online students to watch video Collected/Anonymized comment feedback be accessible to everyone A great help to improve student presentation Even if you are not the presenter 10 Programming projects Probably will have 3 programming projects Example: Basic buffer overflow Software fuzz testing Internet worm propagation simulation Or network intrusion detection experiment 11 Term Project A research like project Two students as a group Or yourself if you cannot find a partner Will make you do more work Group format help you to learn how to collaborate Find topics by yourself Must related to malware and software security Provide topic proposal one and half month later Result: Submit report before semester ends (late April) Report will look just like a research paper we read Face-to-face students: present your project Online students: submit your presentation slides with speaking notes on every page 12 Questions? 13