Study of vulnerabilities & automatic exploit generation

Spring 2010

Student
Abeer Agrawal
Advisor
David Brumley
Project description

To study various types of web-based and local exploits, including buffer, string and integer overflows, to learn how to come up with exploits for them and how to prevent these. Also to study automatic patch based exploitation techniques and how effective they are against such bugs. Reference various papers, such as the famous Smashing the Stack for Fun and Profit, study web based and other vulnerabilities using online resources such as the website securityfocus.org. Identify and write exploits for open source software such as Linux. Take part in a research group on automatic exploit generation through symbolic execution.

Return to project list