CAP6135: Malware and Software Vulnerability Analysis
(Spring 2010)

Home                      Schedule notes                        Assignment

Instructor:        Dr. Cliff Zou (HEC-335),  407-823-5015,   czou @

Course Time:   Tuesday/Thursday 3:00am - 4:15am,   HEC 302

Teaching Assistant: Baber Aslam, HEC313, <>

Course Webpage:

Office Hour:    Tuesday/Thursday 1pm - 3pm

Senior standing or graduate student
Knowledge on programming language (preferring C or C++)
Knowledge on computer architecture, algorithm, and networking
Knowledge on the basic usage of Unix environment

Textbook:    No require textbook. We will use research papers and some contents from the following reference books.

    . Building Secure Software: How to Avoid Security Problems the Right Way  by John Viega, Gary McGraw

    . Software Security: Building Security In (Addison-Wesley Software Security Series) (Paperback) Gary McGraw

    . 19 Deadly Sins of Software Security (Security One-off)  by Michael Howard, David LeBlanc, John Viega

    . Hacking: The Art of Exploitation, 2nd Edition by Jon Erickson


     This course will provide an introduction to several important aspects about malicious codes and software security, including Internet virus/worm/spam, typical software vulnerabilities, fuzz testing, secure programming, software testing, vulnerability prevention techniques, etc. In addition, we will provide representative research papers on software security for students to read, present and discuss in order to learn the frontier of software security research and tools. Students will have a final research-oriented term project to work on any software security related research topics. During the semester, we will have about three programming projects on topics such as buffer-overflow exploit, fuzz testing, malware simulation.


+/- grading system will be used. The tentative weights are as follows:

Face-to-face students              Video streaming students

        In-class presentation               13%                                        N/A

        In-class participation                7%                                        N/A

        Paper review reports               N/A                                        20%

        Homework                             20%                                        20%

        Program projects                    30%                                        30%

        Final term project                   30%                                        30%