• Class Number 4418
  • Term Code 3230
  • Class Info
  • Unit Value 6 units
  • Mode of Delivery In Person
  • COURSE CONVENER
    • AsPr Alwen Tiu
  • LECTURER
    • AsPr Alwen Tiu
    • Dr Silvio Cesare
  • Class Dates
  • Class Start Date 21/02/2022
  • Class End Date 27/05/2022
  • Census Date 31/03/2022
  • Last Date to Enrol 28/02/2022
  • TUTOR
    • Cassy Chun-Crogan
    • Darren Li
    • Leopold Zhou
    • Tali de Mestre

Software Security covers advanced techniques in software vulnerability assessment, discovery and mitigation. These include: common patterns in software vulnerabilities, such as stack-based buffer overflow, format string vulnerabilities, and heap-based vulnerabilities; exploitation techniques such as code injection and return-oriented programming; techniques for vulnerability discovery, such as reverse engineering of program binaries, fuzzing and symbolic execution; and mitigation techniques such as memory protection mechanisms, input sanitation, and control flow integrity protection. The course features hands-on lectures and labs to analyse software vulnerabilities, both in the source code and in program binaries, and design and implement appropriate mitigation techniques.

Learning Outcomes

Upon successful completion, students will have the knowledge and skills to:

  1. Demonstrate a thorough understanding of common sources of vulnerabilities in software.
  2. Demonstrate a thorough understanding of exploitation techniques against software vulnerabilities and defensive techniques against these exploitations.
  3. Demonstrate proficiency in software reverse engineering.
  4. Demonstrate proficiency in vulnerability discovery processes, from both source code and binary.
  5. Apply the vulnerability discovery techniques to real-world software, analyse their vulnerabilities and design and implement appropriate mitigation techniques.

Research-Led Teaching

This course covers both foundational and advanced topics in binary analysis and exploitation, including state-of-the-art exploitation techniques and vulnerability discovery techniques taught by researchers and practitioners in the field.

Examination Material or equipment

All examination materials are permitted.

Required Resources

Main textbooks:

- [DA19] Dennis Andriesse. Practical Binary Analysis - Build Your Own Linux Tools for Binary Instrumentation, Analysis and Disassembly. No Starch Press, 2019.

- [WD19] Wenliang Du. Computer Security: A Hands-on Approach. 2nd edition, 2019.


Other references:

- [CA07] Chris Anley, Felix Lindner, and John Heasman. The Shellcoder’s Handbook. 2nd edition, Wiley, 2007.

- [AH12] Andrew Honig and Michael Sikorski. Practical Malware Analysis. No Starch Press, 2012.

- Research papers and online references - to be provided in due course.


The labs will make extensive use of various tools. These will be provided as virtual machine (VM) images. Links to download these VMs will be provided during the labs.

Whether you are on campus or studying remotely, there are a variety of online platforms you will use to participate in your study program. These could include videos for lectures and other instruction, two-way video conferencing for interactive learning, email and other messaging tools for communication, interactive web apps for formative and collaborative activities, print and/or photo/scan for handwritten work and drawings, and home-based assessment.

ANU outlines recommended student system requirements to ensure you are able to participate fully in your learning. Other information is also available about the various Learning Platforms you may use.

Staff Feedback

Students will be given feedback in the following forms in this course:

  • written comments
  • verbal comments
  • feedback to whole class, groups, individuals, focus group etc

Student Feedback

ANU is committed to the demonstration of educational excellence and regularly seeks feedback from students. Students are encouraged to offer feedback directly to their Course Convener or through their College and Course representatives (if applicable). Feedback can also be provided to Course Conveners and teachers via the Student Experience of Learning & Teaching (SELT) feedback program. SELT surveys are confidential and also provide the Colleges and ANU Executive with opportunities to recognise excellent teaching, and opportunities for improvement.

Class Schedule

| Week/Session | Summary of Activities | Assessment |
|---|---|---|
| 1 | Basics of x86/x64 assembly; Linux internals and binary formats. | |
| 2 | Basic binary analysis | Online quiz |
| 3 | Disassembly and binary analysis; simple code injection | Assignment 1 released |
| 4 | Customising binary analysis | |
| 5 | Stack-based exploitation | Assignment 1 due |
| 6 | Return-oriented programming | |
| 7 | Heap exploitation (part 1) | Assignment 2 released |
| 8 | Heap exploitation (part 2) | |
| 9 | Binary instrumentation | Assignment 2 due |
| 10 | Fuzzing | Assignment 3 released |
| 11 | Symbolic execution: basic concepts and tools | |
| 12 | Vulnerability discovery and exploit generation (guest lectures) | Assignment 3 due |

Assessment Summary

| Assessment task | Value | Learning Outcomes |
|---|---|---|
| Quiz | 5 % | 3,4 |
| Assignment 1 | 15 % | 3,4 |
| Assignment 2 | 20 % | 1,2,3,5 |
| Assignment 3 | 20 % | 1,2,3,4,5 |
| Final Examination | 40 % | 1,2,3,4,5 |

* If the Due Date and Return of Assessment date are blank, see the Assessment Tab for specific Assessment Task details

Policies

ANU has educational policies, procedures and guidelines, which are designed to ensure that staff and students are aware of the University’s academic standards, and implement them. Students are expected to have read the Academic Integrity Rule before the commencement of their course. Other key policies and guidelines include:

Assessment Requirements

The ANU is using Turnitin to enhance student citation and referencing techniques, and to assess assignment submissions as a component of the University's approach to managing Academic Integrity. For additional information regarding Turnitin please visit the Academic Skills website. In rare cases where online submission using Turnitin software is not technically possible, or where not using Turnitin software has been justified by the Course Convener and approved by the Associate Dean (Education) on the basis of the teaching model being employed, students shall submit assessment online via ‘Wattle’ outside of Turnitin, or failing that in hard copy, or through a combination of submission methods as approved by the Associate Dean (Education). The submission method is detailed below.

Moderation of Assessment

Marks that are allocated during Semester are to be considered provisional until formalised by the College examiners meeting at the end of each Semester. If appropriate, some moderation of marks might be applied prior to final results being released.

Examination(s)

The final examination will be a computer-based examination, taking the form of a CTF challenge.

Assessment Task 1

Value: 5 %
Learning Outcomes: 3,4

Quiz

This quiz will test your basic knowledge of x86/x64 assembly and ELF binary format. It will take the form of an online quiz hosted on Wattle. It is a lightweight assessment item intended to prepare students for the more advanced material in the following weeks.

Assessment Task 2

Value: 15 %
Learning Outcomes: 3,4

Assignment 1

This assignment will feature problems related to basic binary analysis techniques. It will use a 'capture the flag' (CTF) format, where a successful exploitation would result in a unique 'flag' (that can be any random text). Students will be assessed based on the correctness of the submitted flag and/or a brief written response for each question.

Assessment Task 3

Value: 20 %
Learning Outcomes: 1,2,3,5

Assignment 2

This assignment will feature problems related to advanced binary analysis techniques and stack exploitation. This assignment uses the same CTF format as in Assignment 1, but there is a greater emphasis on the vulnerability analysis and the exploitation method. Each student is required to submit a detailed written report demonstrating their approach to solving the problems.


Assessment Task 4

Value: 20 %
Learning Outcomes: 1,2,3,4,5

Assignment 3

This assignment will feature problems related to heap exploitation and automated vulnerability discovery. This assignment has two parts: heap exploitation and vulnerability discovery. The first part takes the same format as in Assignment 2, whereas the second part requires the student to perform analyses on software artefacts to find vulnerabilities using fuzzing and symbolic execution techniques. Each student is required to submit a detailed written report demonstrating their approach to solving the problems.


Assessment Task 5

Value: 40 %
Learning Outcomes: 1,2,3,4,5

Final Examination

The final examination will take the form of a CTF challenge. This will be a computer-based examination. Each student will be assigned a unique set of challenge problems related to topics covered in this course. To gain full score for each problem, a student will need to uncover a ‘flag’ associated with that problem, and provide a short written explanation of their discovery and exploitation process. The flag will be hidden or obscured in some way, and the process to uncover the flag may require code analysis, code patching, vulnerability discovery and/or writing exploits.


Academic Integrity

Academic integrity is a core part of the ANU culture as a community of scholars. The University’s students are an integral part of that community. The academic integrity principle commits all students to engage in academic work in ways that are consistent with, and actively support, academic integrity, and to uphold this commitment by behaving honestly, responsibly and ethically, and with respect and fairness, in scholarly practice.


The University expects all staff and students to be familiar with the academic integrity principle, the Academic Integrity Rule 2021, the Policy: Student Academic Integrity and Procedure: Student Academic Integrity, and to uphold high standards of academic integrity to ensure the quality and value of our qualifications.


The Academic Integrity Rule 2021 is a legal document that the University uses to promote academic integrity, and manage breaches of the academic integrity principle. The Policy and Procedure support the Rule by outlining overarching principles, responsibilities and processes. The Academic Integrity Rule 2021 commences on 1 December 2021 and applies to courses commencing on or after that date, as well as to research conduct occurring on or after that date. Prior to this, the Academic Misconduct Rule 2015 applies.

 

The University commits to assisting all students to understand how to engage in academic work in ways that are consistent with, and actively support academic integrity. All coursework students must complete the online Academic Integrity Module (Epigeum), and Higher Degree Research (HDR) students are required to complete research integrity training. The Academic Integrity website provides information about services available to assist students with their assignments, examinations and other learning activities, as well as understanding and upholding academic integrity.

Online Submission

You will be required to electronically sign a declaration as part of the submission of your assignment. Please keep a copy of the assignment for your records. Unless an exemption has been approved by the Associate Dean (Education), submission of the written component of an assignment (if applicable) must be through Turnitin.

Hardcopy Submission

For some forms of assessment (hand written assignments, art works, laboratory notes, etc.) hard copy submission is appropriate when approved by the Associate Dean (Education). Hard copy submissions must utilise the Assignment Cover Sheet. Please keep a copy of tasks completed for your records.

Late Submission

Late submission not permitted. For each assessment item, unless otherwise approved by the course convener, a late submission will receive a 100% penalty of the possible mark for the assignment.

Referencing Requirements

The Academic Skills website has information to assist you with your writing and assessments. The website includes information about Academic Integrity including referencing requirements for different disciplines. There is also information on Plagiarism and different ways to use source material.

Extensions and Penalties

Extensions and late submission of assessment pieces are covered by the Student Assessment (Coursework) Policy and Procedure. Extensions may be granted for assessment pieces that are not examinations or take-home examinations. If you need an extension, you must request an extension in writing on or before the due date. If you have documented and appropriate medical evidence that demonstrates you were not able to request an extension on or before the due date, you may be able to request it after the due date.

Privacy Notice

The ANU has made a number of third party, online, databases available for students to use. Use of each online database is conditional on student end users first agreeing to the database licensor’s terms of service and/or privacy policy. Students should read these carefully. In some cases student end users will be required to register an account with the database licensor and submit personal information, including their: first name; last name; ANU email address; and other information.
In cases where student end users are asked to submit ‘content’ to a database, such as an assignment or short answers, the database licensor may only use the student’s ‘content’ in accordance with the terms of service – including any (copyright) licence the student grants to the database licensor. Any personal information or content a student submits may be stored by the licensor, potentially offshore, and will be used to process the database service in accordance with the licensor’s terms of service and/or privacy policy.
If any student chooses not to agree to the database licensor’s terms of service or privacy policy, the student will not be able to access and use the database. In these circumstances students should contact their lecturer to enquire about alternative arrangements that are available.

Distribution of grades policy

Academic Quality Assurance Committee monitors the performance of students, including attrition, further study and employment rates and grade distribution, and College reports on quality assurance processes for assessment activities, including alignment with national and international disciplinary and interdisciplinary standards, as well as qualification type learning outcomes.

Since first semester 1994, ANU has used a grading scale for all courses. This grading scale is used by all academic areas of the University.

Support for students

The University offers students support through several different services. You may contact the services listed below directly or seek advice from your Course Convener, Student Administrators, or your College and Course representatives (if applicable).

AsPr Alwen Tiu
61253666
u4301469@anu.edu.au
Research Interests: computational logic, formal methods, cyber security
Tuesday 11:00-12:00

AsPr Alwen Tiu
61253666
alwen.tiu@anu.edu.au
Tuesday 11:00-12:00

Dr Silvio Cesare
61253666
silvio.cesare@anu.edu.au

Cassy Chun-Crogan
Cassandra.Chun-Crogan@anu.edu.au

Darren Li
61253666
DiLong.Li@anu.edu.au

Leopold Zhou
61253666
Leopold.Zhou@anu.edu.au

Tali de Mestre
61253666
u6980736@anu.edu.au
