Abstract Topics Prerequisites Dates and Times Material Challenges Standings Lab Environment Grading Registration
Hacker Hacker

ECE-5641 Software Security

An Introduction to Software Security

Instructor

Engin Kirda

For correspondence, send a mail to ek@ccs.neu.edu.

Office hours: Mondays 4-5pm, ISEC 617

Teaching Assistants

Ali Akhavani

Lab hours: Tuesdays (2-3pm), Thursdays (2-3pm), ISEC 617

News

  1. 11.21.2023 Challenge 6 is online. Check the Canvas announcements.
  2. 10.31.2023 Challenge 5 is online. Check the Canvas announcements.
  3. 10.24.2023 Challenge 4 is online. Check the Canvas announcements.
  4. 10.10.2023 Challenge 3 is online. Check the Canvas announcements.
  5. 10.03.2023 Challenge 2 is online. Check the Canvas announcements.
  6. 09.19.2023 Challenge 1 is online. Check the Canvas announcements.
  7. 09.17.2023 Account information has been generated and sent. Piazza has been set up.
  8. 09.15.2023 Accounts have been generated, but the information has not been sent yet. We will do so over the weekend. Stay tuned and check Canvas.
  9. 09.14.2023 Reminder that there is no physical class on the 15th. The class will be recorded. Please check Canvas announcements.
  10. 09.08.2023 The website has been updated.
  11. 09.07.2023 The course website will be updated in the next few days.

Abstract

Today, computer security problems have started to impact the practical aspects of our lives. Even though there is a considerable corpus of knowledge about tools and techniques to protect systems, information about what the actual vulnerabilities are and how they are exploited is not generally available. Also, there are many misconceptions when it comes to protecting systems.

This course deals with common programming, configuration, and design mistakes and ways to detect and avoid them. Examples are used to highlight general error classes, such as stack and heap overflows. Possible protection and detection techniques are examined. The course includes a number of practical lab assignments where participants are required to apply their knowledge as well as a discussion of the current research in the field. Students will learn how the security of systems can be violated, and how such attacks can be detected and prevented. The course aims to make the students "security aware", and gain a basic understanding about security issues.

Some Topics

  • Code security
  • Web security
  • Malware
  • Underground economy
  • Social network security and fraud
  • Reverse engineering and binary analysis
  • Intrusion detection
  • Testing
  • Operational security

Prerequisites

Programming experience (this course is not for you if you are a complete beginner)
Knowledge of C/C++ useful
Basic web programming knowledge is useful
Knowledge of general computer science concepts

Dates and Times

Tuesdays and Fridays (9:50am-11:15am, Snell Library 012)

Slides, Material, and Schedule

All course materials will be available on Canvas.

  • 12.05.2023 // Final
  • 12.01.2023 // Class 23 // Slides and video lecture available on Canvas
  • 11.28.2023 // Class 22 // Quiz 3
  • 11.24.2023 // Thanksgiving break
  • 11.21.2023 // Class 21 // Slides available on Canvas
  • 11.17.2023 // Class 20 // Slides and video lecture available on Canvas
  • 11.14.2023 // Class 19 // Slides and video lecture available on Canvas
  • 11.10.2023 // Class 18 // Slides and video lecture available on Canvas
  • 11.07.2023 // Class 17 // Quiz 2 // Slides and video lecture available on Canvas
  • 11.03.2023 // Class 16 // Slides and video lecture available on Canvas
  • 10.31.2023 // Class 15 // Slides and video lecture available on Canvas
  • 10.27.2023 // Class 14 // Slides and video lecture available on Canvas
  • 10.24.2023 // Class 13 // Slides and video lecture available on Canvas
  • 10.20.2023 // Midterm
  • 10.17.2023 // Class 12 // Slides and video lecture available on Canvas
  • 10.13.2023 // Class 11 // Slides and video lecture available on Canvas
  • 10.10.2023 // Class 10 // Slides and video lecture available on Canvas
  • 10.06.2023 // Class 9 // Quiz 1 // Slides and video lecture available on Canvas
  • 10.03.2023 // Class 8 // Slides and video lecture available on Canvas
  • 09.29.2023 // Class 7 // Slides and video lecture available on Canvas
  • 09.26.2023 // Class 6 // Slides and video lecture available on Canvas
  • 09.22.2023 // Class 5 // Slides and video lecture available on Canvas
  • 09.19.2023 // Class 4 // Slides and video lecture available on Canvas
  • 09.15.2023 // Class 3 // No physical class -- Slides and video lecture available on Canvas
  • 09.12.2023 // Class 2 // Slides and video lecture available on Canvas
  • 09.08.2023 // Class 1 // Slides and video lecture available on Canvas

Practical Challenges (Assignments)

Students will "need" to solve a set of practical challenges (assignments) in the lab part of the course. For more information on the challenges and the grading, check this page.

Grading

The course grade will be based on:

10%: Participation
10%: 3 Quizzes (1-2-3)
20%: Midterm exam
20%: Final exam
40%: Security labs

Registration

Registration details will be announced via e-mail to the registered participants.

Last Modified: Mon Dec 4 11:32:38 2023 EDT