Software security

CS-412

This file is part of the content downloaded from Software security.

Course schedule

Date	Lecture	Book chapter	Quiz	Lab
2025-02-18	Introduction + Basic Principles	Chapter 1, 2
2025-02-20	Introduction to the Labs			ASLR/binary formats
2025-02-25	No class [Mathias is traveling]
2025-02-27				Lab 1: CTF
2025-03-04	Secure Lifecycle & Security policies	Chapter 3, 4
2025-03-06				Lab 1: Q&A
2025-03-11	No class [IC BOOST DAY]
2025-03-13	Software bugs and attack vectors	Chapter 5
2025-03-18	Mitigations	Chapter 6.4	Basics
2025-03-20				Lab 1: Q&A
2025-03-25	Advanced mitigations	Chapter 6.4.6/7
2025-03-27				Lab 1: deadline
2025-04-01	Testing	Chapter 6.3.1/4	Mitigations
2025-04-03				Intro to fuzzing (libfuzzer)
2025-04-08	Testing: Fuzzing	Chapter 6.3.3
2025-04-10				Lab 2: Testing
2025-04-15	Testing: Sanitization	Chapter 6.3.2
2025-04-17				Lab 2: Q&A
2025-04-22	Easter holidays
2025-04-24				No lab
2025-04-29	Testing: Advanced Fuzzing	Chapter 6.3.3
2025-05-01				Lab 2: Q&A
2025-05-06	Case study: browser / web	Chapter 7.1	Testing
2025-05-08				Lab 2: Q&A
2025-05-13	Case study: mobile	Chapter 7.2
2024-05-15				Class Q&A / Lab 2: DL
2025-05-20	Guest talk
2025-05-22				No lab
2025-05-27	King of the Hill
2025-05-29	Holiday

Note that this schedule is a plan and no plan survives contact with reality.

The final exam will likely be on May 20 in class but we are evaluating if we can move it to the exam session due to the large amount of students in this class.

Exercise Session 02: CTF and Binary Analysis (File)

0x06 (Basics) Mitigations (URL)

0x07 Advanced Mitigations (URL)

0x0A Testing: Sanitization (URL)

0x0B: Testing: Advanced Fuzzing (URL)

0x0C: Case Study: Web (URL)

0x0D Case Study: Android / Mobile (URL)

Software security

23 June