• Offered by School of Computing
  • ANU College ANU College of Engineering and Computer Science
  • Course subject Computer Science
  • Areas of interest Computer Science
  • Academic career UGRD
  • Course convener
    • AsPr Alwen Tiu
  • Mode of delivery In Person
  • Offered in First Semester 2022
     See Future Offerings
Software Security (COMP3703)

This course has been adjusted for remote participation in Semester 1, 2022.

Software Security covers advanced techniques in software vulnerability assessment, discovery and mitigation. These include: common patterns in software vulnerabilities, such as stack-based buffer overflow, format string vulnerabilities, and heap-based vulnerabilities; exploitation techniques such as code injection, return-oriented-programming; techniques for vulnerability discovery, such as program binaries reverse engineering, fuzzing and symbolic execution; and mitigation techniques such

as memory protection mechanisms, input sanitation, and control flow integrity protection. The course features hands-on lectures and labs to analyse software vulnerabilities, both in the source code and in program binaries, and design and implement appropriate mitigation techniques.

Learning Outcomes

Upon successful completion, students will have the knowledge and skills to:

  1. Demonstrate a thorough understanding of common sources of vulnerabilities in software.
  2. Demonstrate a thorough understanding in exploitation techniques against software vulnerabilities and defensive techniques against these exploitations.
  3. Demonstrate proficiency in software reverse engineering.
  4. Demonstrate proficiency in vulnerability discovery processes, from both source code and binary.
  5. Apply the vulnerability discovery techniques to real-world software, analyse their vulnerabilities and design and implement appropriate mitigation techniques.

Indicative Assessment

  1. Assignments with practical hands-on components, and report writing with in-depth analysis of vulnerabilities and designs and implementations of mitigation techniques. (60) [LO 1,2,3,4]
  2. Final computer-based exam in vulnerability discovery and exploit writing. (40) [LO 3,4,5]

The ANU uses Turnitin to enhance student citation and referencing techniques, and to assess assignment submissions as a component of the University's approach to managing Academic Integrity. While the use of Turnitin is not mandatory, the ANU highly recommends Turnitin is used by both teaching staff and students. For additional information regarding Turnitin please visit the ANU Online website.

Workload

The workload will be approximately 130 hours, with a mixture of lectures, labs, assignments, independent reading and study.

Inherent Requirements

Information in inherent requirements for this course is currently not available

Requisite and Incompatibility

To enrol in this course you must have completed COMP2300 and COMP2700. It is incompatible with COMP2710 Software Security (offered in Semester 1 2020).

Prescribed Texts

none

Preliminary Reading

The following are indicative of reference material relevant to the course. Since software security (and cyber security in general) is a fast changing field, this list will be updated as necessary to take into account the latest development in the field.

  • Dennis Andriesse. Practical Binary Analysis - Build Your Own Linux Tools for Binary Instrumentation, Analysis and Disassembly. No starch press, 2019.
  • Wenliang Du. Computer Security: A Hands-on Approach. 2nd edition, 2019.
  • Andrew Honig and Michael Sikorski. Practical Malware Analysis. No starch press, 2012.
  • Chris Anley, Felix Lindner, and John Heasman. The Shellcoder’s Handbook. 2nd edition, Wiley, 2007
  • Research papers and online references

Fees

Tuition fees are for the academic year indicated at the top of the page.  

Commonwealth Support (CSP) Students
If you have been offered a Commonwealth supported place, your fees are set by the Australian Government for each course. At ANU 1 EFTSL is 48 units (normally 8 x 6-unit courses). More information about your student contribution amount for each course at Fees

Student Contribution Band:
2
Unit value:
6 units

If you are a domestic graduate coursework student with a Domestic Tuition Fee (DTF) place or international student you will be required to pay course tuition fees (see below). Course tuition fees are indexed annually. Further information for domestic and international students about tuition and other fees can be found at Fees.

Where there is a unit range displayed for this course, not all unit options below may be available.

Units EFTSL
6.00 0.12500

Course fees

Domestic International
Domestic fee paying students
Year Fee
2022 $4740
International fee paying students
Year Fee
2022 $6000
Note: Please note that fee information is for current year only.

Offerings, Dates and Class Summary Links

ANU utilises MyTimetable to enable students to view the timetable for their enrolled courses, browse, then self-allocate to small teaching activities / tutorials so they can better plan their time. Find out more on the Timetable webpage.

The list of offerings for future years is indicative only.
Class summaries, if available, can be accessed by clicking on the View link for the relevant class number.
2022
2023
2024

First Semester

Class number Class start date Last day to enrol Census date Class end date Mode Of Delivery Class Summary
4418 21 Feb 2022 28 Feb 2022 31 Mar 2022 27 May 2022 In Person View

Responsible Officer: Registrar, Student Administration / Page Contact: Website Administrator / Frequently Asked Questions