wkr

Teaching

Courses

The following is a list of courses that I've taught at Northeastern.

Advanced Topics in Malware

CS 7780 is a graduate level course on malicious software, or malware. In this course, we will examine malware both through the lens of recent academic literature as well as through a series of practical exercises. The aim is to explore how malware manifests in systems-level code, on the Web, and in mobile devices, and to discuss approaches to dealing with malware in each of these settings. Representative topics of discussion include those from the following non-exhaustive list.

  • Vulnerability discovery
    • Program analysis
    • Fuzzing
  • Malware detection using program analysis
  • Malware classification and triage
  • Intrusion detection
  • Malware containment

The format of the classes will be biased towards interactive discussion, with little emphasis on lectures. Students should come to class prepared to discuss the week's readings and assignments.

Network Security

CS 4740/6740 is a mixed undergraduate and graduate-level course on network security covering a diverse range of topics at all layers of the networking stack, from physical to application-level security. The course focuses on the intersection between systems security principles and networking, from abstract models to their application in systems code, the Web, and mobile platforms. There is a pronounced emphasis on practical techniques for both defending and attacking systems in support of the high-level goal to impart the “attacker mindset.”

Capture-the-Flag

For the past decade, I've been participating in and organizing Capture-the-Flag (CTF) competitions.

References

Over the course of teaching systems topics, there are questions that tend to come up often. So, I've put together a number of tutorials and quick pointers to background information that is often helpful when taking my courses.

If you have suggestions for improvements or other topics to discuss, please feel free to leave a comment or email me.

Advice for Applicants

Advice for applicants to Northeastern's CCIS program.

Build Systems

Building systems code on UNIX-like operating systems.

C Development on Linux

Developing C applications on Linux.

Debugging Linux Programs

Debugging Linux applications.

Network Dump Capture and Analysis

Capturing and analyzing network dumps with tcpdump and wireshark.

Secure Shell

Secure remote shell access, file transfer, connection forwarding, and more with SSH.

TMux

The terminal multiplexer.

Version Control

Using version control systems.