Code Review

Contact information

For further information or to request a quotation, please contact the Professional Education Courses Unit on:

Enquiries Phone: 02 5114 5573

Enquiries Email: ProfEdCourses@adfa.edu.au

In-house delivery

UNSW Canberra Professional Education Courses may be available for in-house delivery at your organisation's premises. In-house courses allow maximum attendance without the additional travel costs. Courses can be developed to suit the specific staff development and training needs of your organisation. Recommended for groups of 10 or more.

This 5 day course will look at reviewing C/C++ code for security issues. The course is heavily based around practical auditing of actual C/C++ programs. Common coding bugs will be identified in set lectures and then students will apply the theory by reviewing real programs and identifying vulnerabilities. In addition to manual code review, automated means of vulnerability discovery will be briefly discussed, including fuzz testing and static analysis.

Topics covered include:

  • C/C++ Programming Language
  • Vulnerability discovery
  • Dynamic Program Analysis
  • C/C++ Bug Patterns
  • Open Source OS Kernel Auditing
  • Automating Code Review with Coccinelle Secure Coding 

What you will receive

  • Comprehensive set of course notes
  • UNSW Canberra certificate of attendance

Who should attend

This course is aimed at technical staff. It is suitable for vulnerability researchers looking to discover bugs in C/C++ software. It is equally suitable for software developers aiming to improve the security of their code.

UNSW Institute for Cyber Security

UNSW Institute for Cyber Security is a unique, cutting-edge, interdisciplinary research and teaching centre, working to develop the next generation of cyber security experts and leaders.

The centre is based in Canberra at the Australian Defence Force Academy and provides professional, undergraduate and post graduate education in cyber security. Our air-gapped, state of the art cyber range offers a secure environment where we deliver a number of technical and highly specialised learning opportunities.

Our courses are designed to give the next generation of cyber security professionals the skill sets needed to thrive in the industry. We can also create bespoke professional education programs tailored to your organisation's needs.

Contact us at cyber@adfa.edu.au to discuss how.

www.unsw.edu.au/cyber

Course Information

Learning Outcomes
add

On completion of this course, participants you should be able to:

  • Perform secure programming and identify potential flaws in codes to mitigate vulnerabilities.
  • Understand the auditing and review process of technical systems using code analysis tools.
  • Use security testing tools including 'fuzzing' static-analysis code scanning to perform code reviews.
  • Perform secure program testing, review, and assessment to identify potential flaws in codes and mitigate vulnerabilities.
  • Understand countermeasures and mitigations against potential exploitations of programming language weaknesses and vulnerabilities in systems and elements.

Course Day Breakdown
add

Day 1 - Review of C/C++ Programming Language

Day 1 starts off with a comprehensive review of C code language and commonly called functions. We’ll then move onto basic Debugging Functions, Pointers, Strings and Arrays and Dynamic Memory management techniques.

Topics

Type and Variables, Control Flow, Functions, Bitwise Arithmetic, Debugging, GDB, Changing a Register, Types of Arrays, Dereferencing, Pointer Operations, Buffer Functions, Strings, Allocating Memory, Buffer Overflows, Calloc, Dynamic Data Structures

Day 2 - C/C++ Bug Patterns

The session will introduce the concept of fuzzing in order to find unique crashes and exploitable cases, followed by an in-depth discussion around Static Program Analysis and advantages and limitations of Symbolic Execution processes.

Topics

Dumb Fuzzing, Generative Fuzzing, Fuzzing Internals, Lexical Analysis, Parsing, Intermediate Representations, Control Flow Analysis, Data Flow Analysis, Compiler Optimisations, SMT, Symbolic Execution.

Day 3 - C/C++ Bug Patterns cont.

Day 3 will delve into numerous examples of C Language Problems and Standard C Libraries. Unix APIs and Problems will be discussed and the day will conclude with an Introduction to Exploitation followed by several practical exercises.

Topics

Integers, Floating Point Numbers, printf, Stream IO, Tmpnam/access, Pthreads, Strings, Common Unix and Linux APIs, Vulnerable Program, Stack Layouts.

Day 4 - Open Source OS Kernel Auditing

The session will start with an overview of how to navigate the Linux Kernel and will also touch on Memory Bugs in OS Kernels and examine different types of OS Kernel Attack Surfaces.

Topics

Source Code Structure, Useful APIs, Memory Allocation, Memory Copying, File Systems, System Calls, Device Drivers.

Day 5 - Secure Coding

The final day of the course will go over SMT Solving, Reverse Engineering and Code Review Strategies. Students will get to put their newly acquired skills and knowledge into practice through hands on exercises.

Topics

SMT-Lib, Z3, BitVectors, Small Programs, Large Programs, Symbol & Data Structure Recovery, Decompilation, Code Review.

NICE Framework Mapping
add

This course maps to the following NICE Framework KSAs (Knowledge, Skills & Abilities):

K0070: Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).

K0079: Knowledge of software debugging principles.

K0202: Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).

K0227: Knowledge of various types of computer architectures.

S0014: Skill in conducting software debugging.

S0060: Skill in writing code in a currently supported programming language (e.g., Java, C++).

S0085: Skill in conducting audits or reviews of technical systems.

S0174: Skill in using code analysis tools.

A0007: Ability to tailor code analysis for application-specific concerns.

What is the NICE Framework?

The National Initiative for Cybersecurity Education (NICE) Cyber Security Workforce Framework developed by the National Institute of Standards and Technology (NIST) establishes a taxonomy and common lexicon that describes cyber security work and job roles.

To find out more about the NICE Framework, go to: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

Cancellation policy
add

Courses will be held subject to sufficient registrations. UNSW Canberra reserves the right to cancel a course up to five working days prior to commencement of the course. If a course is cancelled, you will have the opportunity to transfer your registration or be issued a full refund. If registrant cancels within 10 days of course commencement, a 50% registration fee will apply. UNSW Canberra is a registered ACT provider under ESOS Act 2000-CRICOS provider Code 00098G.

Tags
lensCyber Security
lensProfessional Education