The goal of the course is raising up the ability of security vulnerability analysis. We will practice debugging and exploitation of the vulnerability examples. Each student will analyze, exploit and present assigned vulnerabilities which are patched vulnerabilities of the web browsers.
- Instructor
- Jaeseo Lee (jaeseo.lee@kaist.ac.kr)
- (macOS Part) Sunghun Kim (wanhuns@kaist.ac.kr)
- Course: IS571 Advanced Cyber Security Practice
- Time: Mon. 14:30 ~ 15:45 / Wed. 14:30 ~ 15:45
- Location: N1 #317
- Office hour: 4:00 pm - 5:30 pm (Mon. and Wed.) at N5 2218
- Grading
20%30% Lab assignments- 20% Reports
20%30% Project20% Mid-term Exam- 20% macOS Part
- Late submission policy
- Lab: late assignments will be assessed a late penalty of 50%.
- Report: a late penalty of 10% per day.
- If you want to know slide key, email me
Date | Topic | Notes |
---|---|---|
27/08/2018 | Introduction | |
29/08/2018 | Security Vulnerability (1/2) | |
03/09/2018 | Security Vulnerability (2/2) | |
05/09/2018 | Windows Debugger | WinDbg_A_to_Z |
10/09/2018 | Windows Heap Internals (1/2) - Standard Heap | |
12/09/2018 | Windows Heap Internals (2/2) - LFH Heap | Win7 LFH Heap Win8 Heap Internals Win10 Segment Heap Internals Report #1 (~9.30.) |
17/09/2018 | Custom Heap Manager (1/3) - About Flash | |
19/09/2018 | Custom Heap Manager (2/3) - About Chrome | |
24/09/2018 | No class (Chuseok, Korean Harvest Day) | |
26/09/2018 | No class (Chuseok, Korean Harvest Day) | |
01/10/2018 | Custom Heap Manager (3/3) - Extra | Report #2 (~10.21.) |
03/10/2018 | No class (National Foundation Day) | |
08/10/2018 | Objects Tracking (1/4) - C++ Objects | Reversing C++ |
10/10/2018 | Objects Tracking (2/4) - Flash Objects | |
15/10/2018 | No class (Midterm week) | |
17/10/2018 | No class (Midterm week) | |
22/10/2018 | Objects Tracking (3/4) - Chrome Objects | |
24/10/2018 | Objects Tracking (4/4) - Chrome Objects Heap Exploitation (1/2) |
|
29/10/2018 | Heap Exploitation (2/2) RW Primitives (1/2) |
|
31/10/2018 | RW Primitives (2/2) | Report #3 (~11.18.) |
05/11/2018 | No class | Supplementary class (12/11/2018 and 14/11/2018) |
07/11/2018 | No class | Supplementary class (03/12/2018 and 05/12/2018) |
12/11/2018 | Control Flow Hijacking Return-Oriented Programming |
- 14:00~15:45 Calling Conventions Intel® 64 and IA-32 Architectures |
14/11/2018 | Shellcode | - 14:00~15:45 |
19/11/2018 | macOS Architecture | Mac OS X and IOS Internals: To the Apple's Core |
21/11/2018 | macOS March-O and Dynamic Linker | |
26/11/2018 | macOS Process Internals, Memory Mgmt., and Objective-C |
|
28/11/2018 | No class | |
03/12/2018 | Project Presentation (1/2) | - 14:00~14:25 - 14:25~14:50 - 14:50~15:15 - 15:15~15:40 (25 minutes/team) |
05/12/2018 | Project Presentation (2/2) | - 14:00~14:25 - 14:25~14:50 - 14:50~15:15 - 15:15~15:40 |
10/12/2018 | No class (Final week) | |
12/12/2018 | No class (Final week) |
Copyright 2017 Jaeseo Lee