General Information

Course description

This course covers advanced techniques for writing exploits and patching vulnerabilities, taught through an intense, hands-on security laboratory. A significant part of this course involves solving Capture-The-Flag (CTF) and discussing strategies for solving such problems. This course covers a variety of topics including (but not limited to) reverse engineering, exploitation, binary analysis, and web.

This year, you should register for CS 8803 ISL (90922) or CS 4803 ISL (91969).

Prerequisite

Operating systems or equivalent (e.g., CS 3210 at GT).

Class meetings

• When: F 15:05-17:45 (3:05pm-5:45pm)
• Where: Klaus 2456 in the College of Computing Building

Office hours and recitation

We have an optional recitation (and office hours) from 18:00-19:00 in CoC 053 on Mon and in CoC 052 on Wed, every week.

Who should take CS 6265-seclab?

CS-6265 is primarily intended for motivated seniors and graduate students who are interested in learning the skill sets necessary to participate in CTF competitions (e.g., DEFCON CTF).

Grading policy

• 100% Lab.
• If you didn’t turn in a single (full) lab, you will get an F.
• No midterm or final exams.
• 40%: A, 30-40%: B, 30-20%: C and below (in each group).
• Three groups: undergraduate, masters and PhD students
• See Game Rules.

Online Discussion

Online discussion is strongly encouraged and it will help you a lot in solving lab problems. Please join Piazza and post your questions, ideas and thoughts.

Misconduct Policy

CS8803 provides a week of a grace period (50% points after due date) and we strictly follow the cheating policy (read GT’s Academic Misconduct Policy).

Important

Cheating vs. collaboration

Collaboration is a very good thing. On the other hand, cheating is considered a very serious offense and is vigorously prosecuted. Vigorous prosecution requires that you be advised of the cheating policy of the course before the offending act.

For this semester, the policy is simple: don’t cheat:

• Never share code or text on the project.
• Never use someone else’s code or text in your solutions.
• Never consult project code or text that might be on the Internet.

On the other hand, for this class, you are strongly encouraged to:

• Share ideas.
• Explain your code to someone to see if they know why it doesn’t work.
• Help someone else debug if they’ve run into a wall.

If you obtain help of any kind, always write the name(s) of your sources.

(ref. http://courses.cs.washington.edu/courses/cse451/15au/)

Don’t publish or post your work online (e.g., github). Any violation of these rules would result in F in your grade.

Staff/TA

• TAs: Insu Yun, Soyeon Park, Wen Xu, Dhaval Kapil
• Feel free to send us an email to make an appointment (mailto:staff)