Ing Ind - Inf (Mag.)(ord. 270) - MI (481) COMPUTER SCIENCE AND ENGINEERING - INGEGNERIA INFORMATICA
054308 - ADVANCED CYBERSECURITY TOPICS
Course objectives
This course builds on the basic knowledge introduced by the "Computer Security" course to introduce advanced topics dealing with cybersecurity, and offensive security in particular. For this reason, the course uses a teaching approach that combines a set of evolving frontal lectures; practical lab exercises in which students learn and apply offensive security research techniques; and an evolving flipped-classroom analysis of relevant, bleeding-edge research results from academic and hacker security conferences.
Expected learning outcomes
By the end of the course students will know several advanced exploitation and counter-exploitation techniques, both for in-memory exploitation and for web application vulnerabilities. After passing the exam, they will be able to analyze code for vulnerabilities, write practically working proof-of-concept exploits, and assess mitigation techniques in the context of (for instance) cybersecurity competitions or real-world enterprise red teaming.
Additionally, they will know how disassemblers, symbolic execution and reversing software work, and will be able to use them in practice for binary analysis, malware analysis and exploitation.
Finally, they will have learned how to analyze and dissect cybersecurity research results, both from an academic and an industry standpoint.
Topics covered
1. Software vulnerabilities and exploitation techniques
- Exploitation techniques for software vulnerabilities by example (e.g. ROP chaining, common protection bypasses, heap exploitation, format string exploitation)
- Web application vulnerabilities: exploitation of DOM-based XSS, CORS and other advanced web vulnerabilities
- Penetration testing and red teaming in enterprise environments
2. Malware analysis and reverse engineering
- Binary analysis fundamentals
- Reverse engineering techniques
- Symbolic execution, anti-debugging, packing
- Malware analysis examples
Laboratory exercises will cover:
- reverse engineering fundamentals and tools (Ghidra, IDA, angr)
- malware analysis exercises
- exploitation challenges to solve with the advanced techniques demonstrated
Flipped classroom hours
During the flipped classroom hours we will focus on open security research challenges and themes, such as:
1. Attacker goals and motivations and the economics of cybercrime
2. New classes of software vulnerabilities and their detection
3. Large-scale analysis of security data
4. Malware analysis, computer virology (theoretical and practical)
5. Hardware and embedded systems security
6. Cyberwarfare and cyberdefense; protection of critical infrastructures
The flipped classroom exercise will be carried out by drawing papers from recent scientific results presented on the cybersecurity conference circuit, either academic (mostly IEEE S&P, ACM CCS, NDSS, USENIX) or industry (e.g. Black Hat briefings, Hack In The Box...), and by forming panels of students who will present and discuss each paper in class under the guidance of the instructor.
Prerequisites
The course will assume that the students have attended the "Computer Security" course, and already know the following topics:
- Fundamentals of exploitation of buffer overflow and format string vulnerabilities
- Fundamentals of web exploitation
- Understanding of x86 assembly
Assessment methods
The exam is evaluated through:
- the flipped classroom activities (participation and preparation of materials): 40%
- evaluation of the laboratory activities and participation: 20%
- final challenge-based exam (CTF) or final project: 40%
Bibliography
Chris Anley, John Heasman, Felix "FX" Lindner, Gerardo Richarte, The Shellcoder's Handbook: Discovering and Exploiting Security Holes, Publisher: John Wiley and Sons, Year of publication: 2007
Chris Eagle, The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler, Publisher: No Starch
Reverse Engineering for Beginners, https://beginners.re/
Software used
No software required
Teaching formats

| Teaching format | In-class hours (hh:mm) | Independent study hours (hh:mm) |
|---|---|---|
| Lecture | 8:00 | 12:00 |
| Exercise session | 26:00 | 39:00 |
| Computer laboratory | 16:00 | 24:00 |
| Experimental laboratory | 0:00 | 0:00 |
| Project laboratory | 0:00 | 0:00 |
| Total | 50:00 | 75:00 |
Information in English to support internationalization
Course taught in: English
Availability of teaching materials/slides in English
Availability of textbooks/bibliography in English
Possibility of taking the exam in English
Availability of teaching support in English