General Information¶
Course Description¶
This course covers advanced techniques for writing exploits and patching vulnerabilities, taught through an intense, hands-on security laboratory. A significant part of this course involves solving Capture-The-Flag (CTF) and discussing strategies for solving such problems. This course covers a variety of topics including (but not limited to) reverse engineering, exploitation, binary analysis, and web.
Prerequisite¶
Operating systems or equivalent (e.g., CS 3210 at GT).
Class Meetings¶
Modules open at 8AM on Fridays (please visit Canvas for a detailed schedule)
On-site (-A section):
When: Fridays 3:30 pm - 6:15 pm
Where: CoC 102
Online (-O01/OCY section):
Where: Canvas module
Office Hours and Recitation¶
We have an optional recitation (and office hours) every week.
In-person Recitation (-A section)
Time: Tue/Wed 4-5 PM
Location: CODA C1015
Online Recitation (-O01/OCY section)
Time: Mon/Wed/Thu 3-4 PM
Location: Check Canvas for Zoom link
For the online recitation only:
We will use Chrome Remote Desktop as the remote desktop tool throughout this semester. If you need help with debugging, please send us a private post on Ed Discussion with the following information:
Access code
Problem(s) description
The TA team can then hold a remote session during office hours.
Who should take CS 6265-seclab?¶
CS-6265 is primarily intended for motivated seniors and graduate students who are interested in learning the skill sets necessary to participate in CTF competitions (e.g., DEFCON CTF).
Grading Policy¶
100% of your grade is determined by the total number of points earned across all labs. No tests, quizzes, exams, or projects. If you don’t turn in at least one flag for every lab, you will get an F. The precise point cutoffs will be announced on Canvas and/or Ed Discussion, but you can use the following approximate criteria as a guideline:
-A (in-person) section:
A: Average 7+ challenges per lab*
B: Average 6+ challenges per lab*
C: Average 5+ challenges per lab*
D: Average 5- challenges per lab*
F: Zero flags submitted for at least one lab.
-O01/OCY (online) section:
A: Average 5+ challenges per lab*
B: Average 4+ challenges per lab*
C: Average 3+ challenges per lab*
D: Average 3- challenges per lab*
F: Zero flags submitted for at least one lab.
*This assumes that you also earned all available points from the tutorials (meaning you actually got more than N flags per lab on average).
The expected grade distribution is 40% A, 30-40% B, and 20-30% C and below. Details about points can be found at General Rules.
Online Discussion¶
Online discussion is strongly encouraged and it will help you a lot in solving lab problems. Please log into Ed Discussion via Canvas and post your questions, ideas, and thoughts.
Misconduct Policy¶
CS 6265 provides a one week grace period for 50% points after each due date. We also strictly follow the cheating policy (read GT’s Academic Misconduct Policy).
Important
Cheating vs. collaboration
Collaboration is a very good thing. On the other hand, cheating is considered a very serious offense and is vigorously prosecuted. Vigorous prosecution requires that you be advised of the cheating policy of the course before the offending act.
- For this semester, the policy is simple: don’t cheat:
Never share code or text on the project.
Never use someone else’s code or text in your solutions.
Never consult project code or text that might be on the Internet.
- On the other hand, for this class, you are strongly encouraged to:
Share ideas.
Explain your code to someone to see if they know why it doesn’t work.
Help someone else debug if they’ve run into a wall.
If you obtain help of any kind, always write the name(s) of your sources.
(ref. http://courses.cs.washington.edu/courses/cse451/15au/)
Don’t publish or post your work online (e.g., on GitHub). Any violation of these rules will result in a course grade of F.
Staff/TA¶
TAs:
On-site: Seulbae Kim, Fabian Fleischer
O01/OCY: Mingyi Liu, Kevin Stevens, Chuhong Yuan
Feel free to send us an email to make an appointment (mailto:staff)