CMPT 783: Cybersecurity Lab II

We will use CourSys for all class materials, discussions and grading.

Lecture videos

Your grade will be:

  • Labs (60%)
  • Project (25%)
  • Quizzes (15%)

Syllabus

The topics covered in this course are:

I. System security

  • Shellcode development
  • Buffer overflow
  • Control-flow attacks and defenses
  • Format string vulnerabilities
  • Return-to-libc attacks
  • Return-oriented programming

II. Network Security

  • Network architecture and routing
  • ARP/ICMP
  • Network analysis
  • TCP/IP attacks
  • DNS attacks
  • Firewalls
  • VPNs

Project

See Project explainer for grading and details.

Deadlines

  1. Project proposal (Feb 12th): Form a group and decide on a project topic. Submit a project proposal.
  2. First project progress report (Mar 11th)
  3. Second project progress report (Mar 25th)
  4. Presentation + Demo (April 8th)
  5. Final project report (April 15th)

Example topics

  • IoT vulnerabilities and defenses
  • Automated vulnerability analysis (static, dynamic)
  • Resolving Spectre/Meltdown attacks
  • Smart contract attacks
  • Network anomaly detection

Marking

Your project will be graded on the following:

  1. Presentation (30%) - communication skill, clarity, organization, and content;
  2. Report (30%) - professional writing, organization, and content;
  3. Code deliverable (40%) - novelty, impact, scale, and security skills demonstrated.

Schedule

Classes are held on Mondays from 9:30 AM to 11:20 AM at SECB1010. Recordings will be posted after each class.

Labs are held on Mondays from 12:30 PM to 4:20 PM at SECB1010. Lab reports will be due on the following Sunday.

Office hours are held on Thursdays from 2:00 PM to 2:30 PM on Zoom (https://sfu.zoom.us/j/8146113895). Note that technical questions on laboratory assignments are expected to be addressed during the lab.

Please e-mail me if you need to meet me at other times or in person.

Quizzes

There will be two quizzes. Each quiz will be held in person during the first 30 minutes of the lab.

The first quiz is on February 26 and will cover Lectures 1 to 6.

The quizzes are open book. All materials are permitted, but electronics are not permitted.

Materials

Lecture 1, Lab 1, Lab 1 explainer (Updated Jan 8 1PM to correct due dates and website IP)

Lecture 2, Lab 2, Lab 2 explainer, Lab 2 code

Lecture 3, Lab 3, Lab 3 explainer, Lab 3 code

Lecture 4, Lab 4, Lab 4 explainer, Lab 4 code

Lecture 5, Lab 5, Lab 5 explainer, Lab 5 code

Lecture 6, Lab 6, Lab 6 explainer, Lab 6 code

Lecture 7, Lab 7, Lab 7 explainer, Lab 7 code

Lecture 8, Lab 8, Lab 8 explainer, Lab 8 code

Lecture 9, Lab 9, Lab 9 explainer, Lab 9 code

Lecture 10, Lab 10, Lab 10 explainer, Lab 10 code

Lecture 11, Lab 11, Lab 11 explainer, Lab 11 code

Further reading

  • Computer & Internet Security: A Hands-on Approach, Wenliang Du, May 1 2019, 9781733003933
  • The Practice of Network Security Monitoring: Understanding Incident Detection and Response, Richard Bejtlich, Jul 15 2013, 9781593275099
  • Computer Networking: A Top-Down Approach (7th Edition), James Kurose and Keith Ross, Apr 26 2016, 9780133594140
Updated Mon March 25 2024, 09:07 by taowang.