CAP6135: Malware and Software Vulnerability Analysis
(Spring 2012)

Home                      Schedule notes                        Assignment

Instructor:        Dr. Cliff Zou (HEC-243),  407-823-5015,   czou@eecs.ucf.edu

Course Time:   MoWe 12:00pm-1:15pm,   PSY 0111 (Psychology Building)

Teaching Assistant: TBA

Course Webpage:   http://www.cs.ucf.edu/~czou/CAP6135/index.html

Syllabus:  PDF

Office Hour:    MoWe 9:00am-11:00am

Prerequisite:   
Knowledge on programming language (preferring C or C++)
Knowledge on computer architecture, algorithm, and networking
Knowledge on the basic usage of Unix environment

Textbook:    No require textbook. We will use research papers and some contents from the following reference books.

• Building Secure Software: How to Avoid Security Problems the Right Way  by John Viega, Gary McGraw
• Software Security: Building Security In (Addison-Wesley Software Security Series) (Paperback) Gary McGraw
• 19 Deadly Sins of Software Security (Security One-off)  by Michael Howard, David LeBlanc, John Viega
• Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson

Description:

     This course will provide an introduction to several important aspects about malicious codes and software security, including Internet virus/worm/spam, typical software vulnerabilities, fuzz testing, secure programming, software testing, vulnerability prevention techniques, etc. In addition, we will provide representative research papers on software security and malware for students to read, present and discuss in order to learn the frontier of software security research and tools. Students will have a final research-oriented term project to work on any software security related research topics. During the semester, we will have about three programming projects on topics such as buffer-overflow exploit, fuzz testing, intrusion detection or malware simulation.

+/- grading system will be used as A, A-, B+, B, etc. The tentative weights are as follows: