About The Course
Software is everywhere: in laptops and desktops, mobile phones, the power grid ... even our cars and thermostats. Software is increasingly the vehicle that drives our economy and our personal lives. But software’s pervasiveness, and its importance, make it a target: at the root of many security compromises is vulnerable software.
In this course we will look at how to build software that is secure.
To start, we must know what we are up against. As such, we will examine the most prevalent software design and implementation defects.
We will examine vulnerabilities like buffer overruns and use-after-frees that are present in programs written in low-level programming languages like C and C++, and see how these vulnerabilities can be exploited by a clever attacker. We will also look attacks on applications that are part of the worldwide web -- attacks with names like SQL injection, cross-site scripting, and session hijacking. We will also mention side-channel attacks (such as those based on the size of messages or the time taken to process a request), attacks on the human user (like phishing), and failures of design (like the use of insecure defaults). Examples of these attacks will be taken from the headlines.
Having examined these defects and their role in security compromises, we will look at how to prevent them entirely, or mitigate their effects, by improving the software's design and implementation. We will see that security must appear at all phases in the development lifecycle, including requirements development, system design, implementation, and testing/validation.
Finally, we will look at state-of-the-art tools and techniques for testing and otherwise verifying that software is secure. We will consider how security testing differs from functional testing (it's harder!). We will look at the art of penetration testing, which is the activity of trying to find and exploit weaknesses in a system prior to its deployment. We will also look at an emerging class of program analysis tools that can automatically identify flaws in programs by analyzing their code.
At the conclusion of the course, the student will know how to "build security in" rather than consider it as an afterthought, and will have a plethora of skills, applicable at each phase of the development cycle, that can be used to strengthen the security of software systems.
Frequently Asked Questions
- What resources will I need for this class? You will need a computer with a suitably high-bandwidth network connection to watch the videos and read the supplemental material. To do the three labs, you will need to run a Linux distribution in a (freely available) virtual machine (VM). You will have to download VM images that we provide and install them.
- What is the coolest thing I'll learn if I take this class? There are too many to count! You will learn about state-of-the-art attacks and how they work. You will also learn about state of the art automation, like fuzz testing, that can find vulnerabilities automatically.
- What background is expected for learners in this class? This course is targeted at those on the front lines of security, who are now, or will, develop software that could be subject to attack (which, in the end, is most software!). Therefore, we assume a technical background, with programming proficiency in C, and some knowledge of things like the web, networking, and Linux.
In detail, we expect
- a good knowledge of the C programming language (equivalent of at least a one semester undergraduate course), and
- programming proficiency in at least one language (either C, or another one, equivalent to 1-2 semesters).
- Unix/Linux (basic commands using the shell, and basic tools like gcc)
- the WWW and basic networking concepts (TCP, HTTP, HTML)
- Machine-level program execution and assembly language (ideally, Intel x86)