Speaker Prof. Dr. Stefan Brunthaler
Date TBD, (has once been Thursdays 10:00-12:00)
Module IN2362


  • run-time organization of programs
  • code injection attacks and defenses
    • buffer overflows and stack canaries
    • control-flow hijacking and control-flow integrity
  • code re-use attacks and defenses
    • return-oriented programming and software diversity
    • counterfeit object-oriented programming (COOP)
  • data attacks
    • non-control data attacks and data-flow integrity/randomization
  • current topics
    • theoretical limits of control-flow integrity
    • trends in software diversity

Relevant aspects of the lecture will be complemented by lab assignments.

Recommended Requirements

IN2227 - Compiler Construction I
IN2209 - IT Security