Lab Environment

  • Virtual Machine Software: Install VirtualBox (version 4.2.6 or newer). This is a free software.
  • Ubuntu 16.04 Virtual Machine Image: Download our pre-built Ubuntu 16.04 virtual machine image. All the Linux labs use this image. Here is the user manual, which includes the account and password information, list of software and servers installed, and configuration. To use this image, do the following:

Note: For the lab setup, you do not need to submit anything. However, we strongly urge you to get the environment set up as soon as possible, and start getting familiar with the environment. For those who are not familiar with the Linux operating system, you need to spend extra time.

Labs

Labs
Due Date
Points
Lab 1: Environment Variable and Set-UID Lab
5
Lab 2: Buffer Overflow Vulnerability Lab
5
Lab 3: Race Condition Vulnerability Lab
4
Lab 4: Web Basics (see Piazza post)
2
Lab 5: CSRF Attack Lab
5
Lab 6: SQL Injection Lab
5
Lab 7: Cross-Site Scripting Attack Lab
4
Lab 8: Android Repackaging Attack Lab
5
Lab 9: Android Rooting Lab
5
Total Points
40

Notes

  • Working individually or in group: All labs are individual labs. You are encourage to discuss with others, but each student must independently carry out the tasks in the labs. You cannot copy code from other students. Any violation will be punished and reported to the university authority.
  • Demo: All students need to demonstrate their labs to the TAs or the professor.
  • Lab Report: For each lab, students need to submit a lab report. The due date is for the report. Students are expected to do the demo prior to the due date (usually during the lab sessions).
  • Lab Session: Students must attend each week's lab session. For each lab session, the TA will grade the students' performance. Students' grade for each lab consists of two parts: 50% from the performance in the lab session, and 50% from the lab report.