CAP6135: Malware and Software Vulnerability Analysis
(Spring 2011)

Home                      Schedule notes                        Assignment

Instructor:        Dr. Cliff Zou (HEC-335),  407-823-5015,   czou @ cs.ucf.edu

Course Time:   Tuesday/Thursday 3:00am - 4:15am,   HEC 102

Teaching Assistant: TBA

Course Webpage:   http://www.cs.ucf.edu/~czou/CAP6135/index.html

Syllabus:  PDF

Office Hour:    Tuesday/Thursday 12:30pm - 2:30pm

Prerequisite:   
Senior standing or graduate student
Knowledge on programming language (preferring C or C++)
Knowledge on computer architecture, algorithm, and networking
Knowledge on the basic usage of Unix environment

Textbook:    No require textbook. We will use research papers and some contents from the following reference books.

• Building Secure Software: How to Avoid Security Problems the Right Way  by John Viega, Gary McGraw
• Software Security: Building Security In (Addison-Wesley Software Security Series) (Paperback) Gary McGraw
• 19 Deadly Sins of Software Security (Security One-off)  by Michael Howard, David LeBlanc, John Viega
• Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson

Description:

     This course will provide an introduction to several important aspects about malicious codes and software security, including Internet virus/worm/spam, typical software vulnerabilities, fuzz testing, secure programming, software testing, vulnerability prevention techniques, etc. In addition, we will provide representative research papers on software security and malware for students to read, present and discuss in order to learn the frontier of software security research and tools. Students will have a final research-oriented term project to work on any software security related research topics. During the semester, we will have about three programming projects on topics such as buffer-overflow exploit, fuzz testing, intrusion detection or malware simulation.

+/- grading system will be used as A, A-, B+, B, etc. The tentative weights are as follows:

Face-to-face students              Video streaming students

        In-class presentation               20%                                        N/A

        In-class participation               10%                                        N/A

        Paper review reports               N/A                                        30%

        Homework                             10%                                        10%

        Program projects                    30%                                        30%

        Final term project                   30%                                        30%