Software Security
Course Code | CBER-711 |
---|---|
Lecture hours per week | 2 |
Lab hours per week | 2 |
Course Availability | Open |
Description | The main purpose of this course is to provide basic knowledge of the techniques used for securing and protecting software from tampering, reverse engineering, and piracy. The course covers methods of software security and protection, including code obfuscation to protect against reverse engineering; software watermarking to protect against software piracy; tamper proofing to protect against integrity violations of software; and models of security for specifying attack strategies, metrics, and principles. The course takes an open approach to describing the concepts and technologies, with real examples related to software security and protection. It covers the following topics: secure software engineering and defensive programming; identifying and exploiting the software vulnerabilities that can be introduced into programs through language features and poor programming practice: control-flow hijacking attacks (buffer overflows, format string bugs, integer overflows, heap attacks), exploitation techniques (string analysis, fuzzing, bug finding), analysis of code for security errors, safe languages, sandboxing techniques, and tools for writing secure code; a brief introduction to malicious software (malware) as a typical consequence of a successful software exploitation; the countermeasures that can mitigate the exploitation of such software vulnerabilities; code obfuscation to protect against reverse engineering; software watermarking to protect against software piracy; tamper proofing to protect against integrity violations of software; and disk and dongle protection against software and media piracy. |