Course Policy for SI485h Spring AY17
- Asst. Prof. Adam J. Aviv
- This class covers the foundations of how programs execute on Unix/Linux machines, to take advantage of vulnerable programs in C and x86 by exploiting them, and the techniques of those exploits primarily focused on the stack execution model.
Course Objectives and Assessment
- Understand how programs are loaded and executed in a typical computing environment
- The ability to trace the execution of a program using standard tools (e.g., gdb)
- The ability to identify vulnerabilities in software
- Read, write, and understand x86 assembly programs
- Understand system level defenses (e.g., ASLR, stack cannaries) and how to circumvent them
- Develop and deploy stack based exploits (e.g., stack overflows, format string attacks, ROP)
- Hacking: The art of exploitation, 2nd Edition. Jon Erickson. No Starch Press. (Required/Strongly Recommended)
- You are strongly encouraged to come in for extra instruction (EI) when you are having trouble.
- There is an open door policy on EI. If my door is open, you're welcome to ask for EI at that time, and I'll let you know if I am available. Most times I am.
- You can also schedule EI via email to ensure that I am available and ready to respond to your needs.
- You should also feel free to email me your questions and I will respond in a timely manner.
The honor and collaboration policy of this class references and adapts the language of Computer Science Department Instruction 1531.1D, Policy Concerning Programming Projects. We make the following course-specific adaptations and revisions below; however, when not explicitly stated, of the Department's policy holds.
Homework Collaboration Policy
- You may work freely with classmates on the homework. This includes working together and solving problems together.
- You are required to indicate all collaborators on your homework assignments.
- Each student must submit an individual assignment, and the pencile-to-paper/fingers-to-keyboard work must be your own. Even when collaborating, in many situations, we do not expect two students to produce the same answer.
- Copying of homework assignments is strictly forbidden and is considered an honor violation. We define copying as the act of viewing or discussing another's answers, copying down those answers without having completed the work individually.
Lab Collaboration Policy
- You may collaborate on all lab assignments for the purpose of discussion and problem exploration; however, each student must individually solve each of the lab assignments and submit their own solution.
- You are not allowed to share code or other solution material with others (e.g., the secret messages). However, you may discuss the main concepts and solution techniques with others and collaborate on developing a solution processes. Sharing specific solutions, however, is strictly against this policy.
- You are required to indicate all collaborators on your lab assignments via an appropriate mechanism (e.g., by submitting a README file). Collaborating and not indicating your collaborators is in violation of this and the departments policy.
- Beverages are permitted in classrooms and labs provided they are in closed containers. No food or smokeless tobacco is permitted in classrooms or labs.
- Vulgar language and classroom disruptions will not be tolerated. A student who disrupts the class for those reasons will be asked to leave immediately and will be marked has having left early in the attendance roster and may be considered for a conduct offense.
Homework Late Policy
- Homeworks for each unit will post on the first lecture of that unit and will be due on the assigned date for that homework.
- Homeworks must be submitted in hard copy to the instructor. Late homework will not be accepted without prior arrangement with the instructor
Lab Late Policy
- There is no fixed due date for the labs, and you may complete labs at any time during the semester, even well after they are assigned.
- There will be three lab assessment dates at which point your progress will be measured and a grade assigned. These dates correspond to the exam periods and will be announced on the course calendar.
Summary Report Late Policy
- Summary reports will be assigned and posted on the course calendar with the due date noted. Submission must occur via hard copy on the date noted.
- Late summary reports will not be accepted without prior arrangement with the isntructed.
- Final Exams are closed book and closed notes
- You will be allowed to bring in one hand written sheet of paper, two sided, with notes on it to be used during the final exam. You'll turn in your sheet with your final exam.
- There is one midterm exams occurring at roughly the 8 week mark.
- If you are unable to take the midterm, you must provide an alternative time to make up the exam to your instructor
- Midterm exams are closed book and closed notes
- You will be allowed to bring in one hand written sheet of paper, two sided, with notes on it to be used during the exam. You'll turn in your sheet with your exam, and will get it back upon grading the exam.
- There will be two quizzes during the semester occuring at the 4 and 12 week mark.
- Quizzes are designed to take about 1/2 a lecture period.
- If you cannot make a quiz due to an absence, you must make arrangements with your instructor to make up the quiz.
- There will be two practicum exams occuring at the 6 and 12 week mark.
- The practicum will consist of two-to-four short programming problems graded on a progressive scale. The scale will be announced with the practicum exam.
- Practicums are designed to test learning and problem solving skills in a realistic way, and are thus open notes and open Internet. However, you may not communicate with others, in a direct fashion (e.g, speaking with a classmate, texting with someone outside the classroom, posting on a message board, etc.).
- Each lab part will have an assigned point value, between 1 and 4. The point value of the lab is relative to the difficulty of the lab. There will be roughly 50 or so points assigned via the labs.
- All labs will be graded on a strict PASS/FAIL bases. No partial credit will be provided for lab submission; however, each part of a lab will be separately graded based on the number of points assigned to each part.
- Your overall lab grade will be graded on a logarithmic scale using the following formula. grade = log(c+1)/log(n+1) where n is the total points assigned, and c is the total points earned by completing a lab. For example, with 25 assigned points, here's some grade break downs:
- 5/25 = log(6)/log(26) = 54% (completing 20% of the assigned work)
- 10/25 = log(11)/log(26) = 73% (completing 40% of the assigned work)
- 15/25 = log(16)/log(26) = 83% (completing 60% of the assigned work)
- 20/25 = log(21)/log(26) = 93% (completing 80% of the assigned work)
- 25/25 = log(26)/log(26) = 100% (completing 100% of the assigned work)
- Homeworks are assigned for each unit and should be turned in at the assigned date, in hard copy.
- The weight of each homework will be noted on the homework in terms of the total points available for that homework.
- While EI is not required, it is strongly encouraged.
- You can receive 1% bonus on your final grade for attending at least two EI session prior to the 16-week grading mark.
- If you cannot make an EI session due to whatever reason (e.g., sports), you can conduct online, email discussion with your instructor based on the direction of your instructor.
Adam J. Aviv
CDR Michael Bilzor
CS Department Chair