This course we will explore the foundations of software security. We will consider important software vulnerabilities and attacks that exploit them -- such as buffer overflows, heap overflow and use after free -- and we will consider defenses that prevent or mitigate these attacks, including advanced testing and program analysis techniques such as symbolic execution and fuzzing.
Expected learning outcomes
Successful learners in this course will typically be able to apply basic low attack techniques such as buffer overflow, heap overflow. Moreover he/she will be able to understand the state-of-the-art of the defensive techniques along with such specific program testing and program analysis techniques for discovering memory errors in C/C++ languages. The student should have completed junior-level undergraduate work in a technical field, have some familiarity with programming, ideally in C/C++, and have prior exposure to algorithms.
Lesson period: Second semester
(In case of multiple editions, please check the period, as it may vary)