1. CAP6135: Malware and Software Vulnerability Analysis Cliff Zou Spring 2009

2. 2 Course Information  Teacher: Cliff Zou  Office: HEC335 407-823-5015  Email: czou@cs.ucf.educzou@cs.ucf.edu  Office hour: TuTh 3pm – 5pm  TA: TBD  Course Webpage:  http://www.cs.ucf.edu/~czou/CAP6135/index.html http://www.cs.ucf.edu/~czou/CAP6135/index.html  Use WebCourse for homework submissions, and grading feedback  Online lecture video stream:  FEEDS video  http://feeds.ucf.edu/NEW_FEEDS/Online_classes.asp http://feeds.ucf.edu/NEW_FEEDS/Online_classes.asp  Usually video available the next day  UCF Tegrity  http://tegrity.ucf.edu/listallcourses/listing.aspx http://tegrity.ucf.edu/listallcourses/listing.aspx  Recorded by myself via my Tablet PC  Video available two hours after each lecture

3. 3 Objectives  Learn software vulnerability  Underlying reason for most computer security problems  Buffer overflow: stack, heap, integer  Buffer overflow defense:  stackguard, address randomization …  http://en.wikipedia.org/wiki/Buffer_overflow http://en.wikipedia.org/wiki/Buffer_overflow  How to build secure software  Software assessment, testing  E.g., Fuzz testing

4. 4 Objectives  Learn computer malware:  Malware: malicious software  Viruses, worms, botnets  Email virus/worm, spam, phishing  Spyware, adware  Trojan, rootkits,….  A good resource for reading:  http://en.wikipedia.org/wiki/Malware http://en.wikipedia.org/wiki/Malware  Learn their characteristics  Learn how to detect  Learn how to defend

5. 5 Objective  Learn state-of-art research on malware and software security  Paper reading/presentation for selected milestone papers on related research topics  Lecture session students:  Need to participate in presentation, in-class discussion  Video streaming students:  Need to read paper, write review, and comments on in-class student’s presentation  Your evaluation will feedback to presenter!

6. 6 Course Materials  No required textbook. Reference books:  Building Secure Software: How to Avoid Security Problems the Right Way by John Viega, Gary McGraw  Software Security: Building Security In (Addison-Wesley Software Security Series) (Paperback) Gary McGraw  19 Deadly Sins of Software Security (Security One-off) by Michael Howard, David LeBlanc, John Viega  Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson  Reference courses:  CS161: Computer Security, By Dawn Song from UC, Berkley. CS161: Computer Security  Software Security, by Erik Poll from Radboud University Nijmegen. Software Security  Introduction to Software Security, by Vinod Ganapathy from Rutgers Introduction to Software Security  Wikipiedia: Great resource and tutorial for initial learning Wikipiedia  Other references as we go on:  First time to teach it, learn as it goes on

7. 7 Course Introduction  Coursework face-to-face online streaming  In-class presentation 20% N/A  In-class participation 10% N/A  Paper review reports N/A 25%  Homework 15% 20%  Program projects 25% 25%  Final term project 30% 30%  Paper presentation  About half of the course time  The other half is my lecture time  Only face-to-face students participate  Online students:  Write reports on presented papers  Comment on student presentation

8. 8 Course Introduction  Programming projects  Probably will have 2 to 3 programming projects  Example:  stack buffer overflow, software fuzz testing, Internet worm propagation simulation  Term project is a research like project  Two students as a group  Or yourself if you cannot find a partner if you are an online student  Find topics by yourself  Must related to malware and software security  In-class short presentation of your project proposal  Will have term project in-class presentation in final exam period

9. 9  Questions?