CEA036
The Attack and Defense of Computers

• Instructor: Dr. Fu-Hau Hsu (許富皓)
  
  • Location: 工程五館 Room B301
• TA:
  • 石明裕 (aa3710079 at gmail dot com)
    • Office Hour:
    • Location: 工程五館 Room B322-1
  • 彭泰淇 (s103321012 at mail1 dot ncnu dot edu dot tw)
    • Office Hour:
    • Location: 工程五館 Room B322-1

*** Seating Chart ***

Total Grades

• Grade (updated: 22nd June)

1. Syllabus (3rd March)
2. Malware: Logic Bombs, Key Logger, URL Injection, Browser Hijackers, Trojan Horses, and Spyware. (10th March)
3. Internet Worms, Buffer Overflow Attacks, and Heap Overflow Attacks (17th March)
4. Internet Worms, Buffer Overflow Attacks, and Heap Overflow Attacks (24th March)
5. Return-into-libc attacks, BOA Countermeasures, Drive-by Download, Rogue Anti-Virus and Botnet (31st March)
6. Botnet (7th April)
7. Botnet and Disk Layout, BIOS, and Viruses (14th April)
8. Midterm
   • Date: 7:00PM ~ 9:00PM, 21st April
   • Location: The same place as the class's
   • The exam. questions will be given in the essay-question form.
   • There are 10 short essay questions in the Midterm.
   • The total score of the midterm is 110.
   • The midterm only covers the materials taught before the midterm (Slide 28 of Virus).
   • Close book exam.
9. Backdoors, sniffer, and Rootkits for Linux/Unix (28th April)
10. Rootkits for Linux/Unix (5th May)
11. Magic Cookies and Web Bugs (12th May)
12. HTTP cookies (19th May)
13. Cross-Site Scripting (XSS) and SQL Injection (26th May)
14. SQL Injection and Account Stealing (2nd June)
15. TCP Session Hijacking, ARP Spoofing and Format String Attacks, and DoS/DDoS Attacks (9th June)
16. Final Exam.
    • Date: 7:00PM ~ 9:00PM, 16th June
    • Location: The same location as the class
    • The exam. questions will be given in the essay-question form.
    • There are 14 short essay questions in the final exam.
    • The total score of the final exam. is 110 points.
    • All of the final exam. questions come from the materials taught after the midterm.
    • Close book exam.
17. supplementary material, not covered in the final exam.
    • DOM-based XSS
    • Idle Scan, OS Fingerprinting, Footprinting, and Port Scanning.
    • DNS Servers and DNS Server Attacks
    • Whois Server

Semester Project

• Project (posted: 17th April)
• Group List (posted: 18th April)
• Lab Location: Room A206, Engineering Building 6.
• Installtaion manual of Virtual Box. (posted: 18th April)
• Host Allocation Map (posted: 18th April)

Announcement

• Project Team (posted: 24th Feb.)
  • Each team consists of 3 students.
  • Please e-mail your team list to the TA before 20th March.
  • The team list should contain the name, student ID, and e-mail address of every team member.
• Due to the coronavirus, the school asks that each student must sit on the fixed chair this semester for each course. This is this semester's seating chart of this course. Please take your seat according to this chart. (posted: 18th March)
• Due to the coronavirus, the school asks that each student must wear a face mask during the class. (7th April)
• The semester project has been posted on this web page. (posted: 17th April)
• Project Team Members (posted: 17th April)
  • Each team consists of 3 students.
  • Please e-mail your team list to the TA before 25th April.
  • The team list should contain the name, student ID, and e-mail address of every team member.
  • If you have not found your teammates, please tell the TAs your current situation before 25th April. The TAs will help you find your teammates.
• Midterm
  • Date: 7:00PM ~ 9:00PM, 21st April
  • Location: The same place as the class's
  • The exam. questions will be given in the essay-question form.
  • There are 10 short essay questions in the Midterm.
  • The total score of the midterm is 110.
  • The midterm only covers the materials taught before the midterm (Slide 28 of Virus).
  • Close book exam.
• The Midterm Grades have been posted on this course web page. (posted: 26th April)
• Buffer overflow demo related files by 邱韜. (posted: 6th May)
  • introduction of gdb and pwntools
  • vulnerable program
  • attack payload
• The Grades of midterm make-up exam have been posted on this course web page. (posted: 18th May)
• Final Exam. (posted: 11th June)
  • Date: 7:00PM ~ 9:00PM, 16th June
  • Location: The same location as the class
  • The exam. questions will be given in the essay-question form.
  • There are 14 short essay questions in the final exam.
  • The total score of the final exam. is 110 points.
  • All of the final exam. questions come from the materials taught after the midterm.
  • Close book exam.
• Total grades (posted: 22nd June)
  • The Total Grades of this course have been posted on this web page.
  • If you have any question about your final grades of this course, come to my office between 11:00 AM and 11:30 AM 24th June. After that time, I will submit the grades of this course to the school, which means after then I am no longer able to change any grade.

Referenced Material

• Shell Code
• Some interesting security-related or attacker web sites:
  • National Vulnerability Database
  • US CERT
  • SANS InfoSec Reading Room
  • Phrack Magazine
  • Blackhat
  • SecurityFocus
• Buffer Overflow-Related Papers
  • Smashing The Stack For Fun And Profit
  • Stack Smashing Vulnerabilities in the Unix Operating System
  • The Art of Writing Shellcode, by smiler.
  • w00w00 on Heap Overflows
  • The advanced return-into-lib(c) exploits
  • The Tao of Windows Buffer Overflow
  • New Chips Stop Buffer Overflow Attacks
  • Sined's collection of intermediate papers WEB Page
  • HP-UX (PA-RISC 1.1) Overflows