CSCI 4907/6545 Software Security
| Instructor | Jie Zhou |
|---|---|
| jie.zhou@gwu.edu | |
| Office | SEH 4590 |
| Lectures | Tue & Thurs 09:35–10:50 a.m. at MON 110 |
| Office Hours | Thurs 11–12 a.m. or by appointment via email |
Description
Software security plays an invisible yet critical role in ensuring reliable and trustworthy services for modern computing platforms. However, we are facing significant challenges in engineering secure software systems. In this course, we will explore these challenges, with an emphasis on low-level software security. We will examine the root causes and exploitation techniques of common software vulnerabilities. We will also discuss the countermeasures, including both classic defenses deployed in production software as well as cutting-edge and experimental mechanisms.
Prerequisites
The core prerequisite is a solid background in computer systems and low-level programming. Computer Architecture (CSCI 6461) and Systems Programming (CSCI 2410), or equivalent courses, are required. Operating Systems (CSCI 3411) is preferred but not strictly necessary. If you do not meet the prerequisites yet are still interested and have a good understanding of systems, please check with the instructor.
Learning Goals
Upon completion of this course, student are expected to:
- Understand the fundamental security threats to software systems.
- Understand the common defenses against software vulnerability exploitations.
- Have developed a secure programming mindset for software development.
For a more detailed outline of the topics of this course, see the syllabus and the schedule.
Grading
Grading is based on solving machine problems, writing summaries and answering questions about readings, and a students-led discussion of a research paper (group work). In addition, class participation is valued, particularly asking questions in class and office hours. There will be no exams.
| Machine Problems | 40% |
|---|---|
| Reading Comprehension | 45% |
| Paper Discussion | 10% |
| Class Participation | 5% |
Lateness Policy
Request for extension will be considered, but the request must be submitted via email before the deadline.
Academic Integrity
Students who take this course must strictly adhere to GW's Code of Academic Integrity.
Use of generative AI: Tools such as ChatGPT are permitted for learning purposes, e.g., generating explanations for concepts. However, they are strictly prohibited from generating content for your machine problems and writing assignments. The instructor may test students with oral questions about your submissions. Failures to answer consistently and clearly will be considered as a violation of academic honesty. First offense incurs a 0 on the assignment, and second one is F in the class.
If you are uncertain about what is permitted and what is not, please ask the instructor.