COSC 69.18 HackLab: Binary Program Analysis for Software Attacks and Defenses
Modern software keeps expanding in size, application domains, users, and quantity of processed information. As a result, the attack surface and the range of vulnerabilities targeted by attackers increase constantly. Meanwhile, humans reason about programs at the source-code level, a set of abstractions designed by humans for humans, whereas computers execute machine code: a translation of source code into low-level instructions. This course sheds light on the discrepancies between source code and what computers actually execute, and examines some of the root causes and inner workings of several common classes of software vulnerability, how these can be exploited to take control of remote systems, how they can be addressed, and how to scale their detection and mitigation by leveraging automated program analysis techniques. Students will learn the practice and theory of ethical hacking through hands-on program analysis problems, Capture-The-Flag (CTF) competition challenges, exploitation and defense techniques, as well as state-of-the-art research models. By studying the attack surface of modern software, students will learn how to build stronger, more sophisticated and more adequate defense strategies.
Instructor
Hauser
Prerequisite
Students must complete COSC 50 or obtain instructor permission before taking this course.