## ENEE759: Software Security via Program Analysis
* Time: Monday, Wednesday 12:30pm -- 1:45pm (75 mins)
* Instructor: [Prof. Yonghwi Kwon](http://yongkwon.info) (yongkwon@umd.edu)
* Location: [AJC 2121](https://25live.collegenet.com/pro/umd#!/home/location/2982/details) (A James Clark Hall Room 2121)
* [Zoom (Remote) Access](https://umd.zoom.us/j/94702552858?pwd=ZU9LOW1xSE1pM2Z4eWE5TXF4ZUNDdz09)
* Discord: https://discord.gg/D6XMtpCMyK
## Introduction
Software is a critical target of cyber attackers. Cybercriminals spend significant effort understanding software systems, exploiting their weaknesses to achieve malicious goals.
At the same time, software is at a critical location for security. It interacts with the underlying hardware and the users/attackers. In other words, the software is at the intersection of all critical security entities, meaning it can be the ideal place to implement security measures.
This course aims to teach how to develop secure computing systems from the software security perspective. In particular, we focus on understanding attackers and their offensive techniques.
#### Subjects of Focus
1. **Understanding Attackers**: Types of Attackers, Attack Motives/Objectives, Threat Models.
2. **Automated Attacks**: Why do attackers automate the attacks? (e.g., probabilistic defenses), Techniques to automate the attacks, Thwarting the automated attacks.
3. **Automated Program Analysis**: Finding vulnerabilities: Double-edged sword, Techniques to conduct program analysis.
4. **Automated Defenses**: Techniques to build automated defenses, Defending attacks on automated defenses.
## Prerequisites
This course does not have particular prerequisites. However, this course **assumes** that you are familiar with the **C programming language** and core computer concepts (e.g., **Compiler**, **Programming Language**). If you are not familiar with those, you may have to spend **extra time** to learn those. The course will provide materials and guidance.
* It would be great if you have experience in **x86 assembly**, **compilers** (particularly back-ends, i.e., code generator), and **system/kernel programming**.
* If you are not sure, [you can take this quiz (click this link to open the quiz)](https://forms.gle/z4g8bTPAyqce1Z5k7). If you score more than 8, you are good to go.
## Linux environment (x86 64)
Assignments will require a Linux environment. You should anticipate setting up a virtual machine if you don't run Linux natively. Using VirtualBox and WSL version 2 are recommended.
* **ASLR**: [Please see this page to turn off ASLR](https://hackmd.io/@yonghwikwon/Hkrqi7756).
### x86 64 Machine
* VirtualBox: https://www.virtualbox.org/
* [VM Image](https://drive.google.com/file/d/1MnDanJYEGlhlnLApDygi_mN4XRhSRnlI/view?usp=sharing)
* Password: `cvm` (Username: `classvm`)
* In the VM image, I have installed and compiled the Pin. (check out ~/pin folder).
* Please change the password!
#### Instruction
1. Download the file.
2. Import the file (File > Import Appliance > Select the downloaded ova file).
3. Change the password. The default credential is `cvm` (username is `classvm`)
4. To power off the machine, use "shutdown now" command (Don't just power off the VM, your file system may break).
### Apple M1/M2
* UTM: https://mac.getutm.app/
* [Download UTM dmg](https://drive.google.com/file/d/16eGVoIlMo-snl4VAKk_IoJxv9GtgDS-N/view?usp=sharing)
* [Download Xubuntu Image](https://drive.google.com/file/d/1dsY3EJzjHyQDNDbDCw3i8qAv3qGjzxqZ/view?usp=sharing)
* Create a VM
* Select `Emulate`, `Linux`
* Select the downloaded Xubuntu Image File
* Optional Settings:
* Memory: 8192 MB
* CPU Cores: 4
* Force Multicore
* Balloon Device
## Policies
### Grading Policy
We expect to determine grades as follows:
| Assignments | Percentage of Final Grade |
| -------- | -------- |
| 2 Projects | 70% |
| 3 Homeworks | 20% |
| Participation | 10% |
| **Total** | **100%** |
* We will have 3 homeworks. Each homework is worth 9 points. To get the full credit, you only need to have more than 20 points.
* Any points you earn beyond the 20 points can be used to compensate the scores in other (e.g., participation/projects)
### Late Policy
* Late policy: 1 day late (10% penalty), 2 days late (20% penalty), 3 days late (50% penalty), more than (and including) 4 days late (100% penalty)
* Late policy can be flexible under special circumstances. However, we will cover the answers during the class. Hence, once the answer is released, no new submissions can be accepted. To make up the score, one should consult with the instructor.
* All projects and homeworks are **individual**. Discussions are acceptable (but you should mention how much you discussed with whom. Code sharing is strictly NOT allowed. If you are not sure, please consult with the instructor.)
### Honor Policies
We expect all homeworks to be completed **individually**. You may not share code or consult assignment solutions from **previous semesters or other institutions**. You are encouraged, however, to discuss the assignments in general and provide advice to other students that **does not amount to sharing code, pseudocode, or instructions that otherwise essentially solve the assignment**. We may use automated tools to look for similarities between homework submissions that suggest excessive collaboration.
Your submissions for homeworks **should not make extensive use of code found online**. Incidental use (very brief utility code that is clearly unrelated to any major objective of the assignment, like looking up code for splitting a string into an array) is okay, but **must be clearly cited**. If you are unsure whether something would qualify as “incidental”, please consult the course staff first.
If we believe you have cheated, we may apply an arbitrarily harsh grade penalty up to and including an F in the course. This penalty is independent of (and potentially in addition to) any findings of the University Honor System.
### Accomodations
If you need any kind of special accommodations, including but not limited to disability, learning needs, illness, or personal circumstances, please contact us as soon as you are aware of these needs. We aim to be as accommodating and fair as possible.
If you are not sure if your situation warrants special attention, ask us.