The goal of the course is raising up the ability of security vulnerability analysis. We will practice debugging and exploitation of the vulnerability examples. Each student will analyze, exploit and present assigned vulnerabilities which are patched vulnerabilities of the web browsers.
- Instructor
- Jaeseo Lee (jaeseo.lee@kaist.ac.kr)
- (macOS Part) Sunghun Kim (wanhuns@kaist.ac.kr)
- Course: IS571 Advanced Cyber Security Practice
- Time: Mon. 14:30 ~ 15:45 / Wed. 14:30 ~ 15:45
- Location: N1 #317
- Office hour: 4:00 pm - 5:30 pm (Mon. and Wed.) at N5 2218
- Grading
- 30% Lab assignments
- 20% Reports
- 20% Project
- 30% macOS Part
- Late submission policy
- Lab: late assignments will be assessed a late penalty of 50%.
- Report: a late penalty of 10% per day.
- If you want to know slide key, email me
Date | Topic | Notes |
---|---|---|
02/09/2019 | Introduction | |
04/09/2019 | Security Vulnerability | |
09/09/2019 | Windows Debugger | WinDbg_A_to_Z |
11/09/2019 | Windows Heap Internals (1/3) - Standard Heap | |
16/09/2019 | Windows Heap Internals (2/3) - Windows 7 LFH Heap | Win7 LFH Heap |
18/09/2019 | Windows Heap Internals (3/3) - Windows 10 LFH Heap | Win10 Segment Heap Internals |
23/09/2019 | Custom Heap Manager (1/2) - About Flash | |
25/09/2019 | Custom Heap Manager (2/2) - About Chrome | Report #1 (~10.16.) Access Tokens,Job Objects, Securable Objects |
30/09/2019 | Objects Tracking (1/4) - C++ Objects | Reversing C++ |
02/10/2019 | Objects Tracking (2/4) - Flash Objects | |
07/10/2019 | Objects Tracking (3/4) - Chrome Objects | |
09/10/2019 | No class (Hangeul Day) | |
14/10/2019 | Objects Tracking (4/4) - Chrome Objects | Term project |
16/10/2019 | No class | Supplementary class (28/10/2019) |
21/10/2019 | No class (Midterm week) | |
23/10/2019 | No class (Midterm week) | |
28/10/2019 | Heap Exploitation (1/2) | |
30/10/2019 | Heap Exploitation (1/2) | |
04/11/2019 | RW Primitives (1/2) | Report #2 |
06/11/2019 | RW Primitives (2/2) Control Flow Hijacking |
|
11/11/2019 | Return-Oriented Programming | Calling Conventions Intel® 64 and IA-32 Architectures |
13/11/2019 | Shellcode | |
18/11/2019 | No Class (due to personal reason) | Mac OS X and IOS Internals: To the Apple's Core |
20/11/2019 | macOS Architecture, macOS Mach-O | |
25/11/2019 | macOS Dynamic Linker | |
27/11/2019 | No Class (due to the internal event of KAIST) | |
02/12/2019 | macOS Process Internals, macOS Memory Management | |
04/12/2019 | No Class | |
09/12/2019 | Project Presentation (1/2) | - 14:00~14:25 T1 - 14:25~14:50 T4 - 14:50~15:15 T5 - 15:15~15:40 T6 (25 minutes/team) |
11/12/2019 | Project Presentation (2/2) | - 14:00~14:25 Coffee break - 14:25~14:50 T3 - 14:50~15:15 T7 - 15:15~15:40 T2 (25 minutes/team) |
16/12/2019 | No class (Final week) | |
18/12/2019 | No class (Final week) |
Copyright 2017-2019 Jaeseo Lee