CS492: Web Security Attack Laboratory
The course introduces various web attacks that trigger various vulnerabilities in target web services. The course also provides a lab session for each week, which helps students practice real attacks in simulated web environments. The goal of the course is to let students learn and understand various web threats via conducting the attacks by themselves.
Basic Information
- Lecture: Tuesday/Thursday 10:30 AM - 11:45 AM
- Instructor: Sooel Son
- Email: sl.son (at) kaist.ac.kr
- Homepage: https://sites.google.com/site/ssonkaist/
- Lecture room: E3-1 2243
- Lab sessions: Zoom session
- Office hours: Appointment only
- T.A.: Jihwan Kim
Evaluation
- Attendance & Class participation: 10%
- Lab sessions : 40%
- Assignments : 30%
- Final exam: 20%
Schedule
The following schedule is subject to change.
1st week
- 3/1: [Holiday]
- 3/3: [Course Introduction]
- Course preparation: [Lab session #0: Preparation]
2nd week
- 3/8: [Web Programming Basic #1: HTML and JavaScript]
- 3/10: [Lab session #1]
3rd week
- 3/15: [Web Programming Basic #2: Server-side Web Application]
- 3/17: [Lab session #2]
- Optional Lab session: [Lab session #3]
4th week
- 3/22: [SQL Injection]
- 3/24: [Lab session #4]
- Assignment #1 by 3/25
5th week
- 3/29:[Same Origin Policy & Cookie]
- 3/31:[Lab Session #5]
6th week
- 4/5: [Reflected XSS]
- 4/7: [Lab Session #6]
- Assignment #2 by 4/8
7th week
- 4/12: [Client-side XSS]
- 4/14: [Lab Session #7]
8th week
- 4/19: Mideterm season
- 4/21: Mideterm season
9th week
- 4/26: [Cross-site Request Forgery]
- 4/28: [Lab Session #8]
10th week
- 5/3: [Phishing and 2nd Factor Authentication]
- 5/5: [Holiday]
- Assignment #3 by 5/6
11th week
- 5/10: [Shell Code Injection and File Inclusion]
- 5/12: [Lab Session #9]
12th week
- 5/17: [Unrestricted File Upload]
- 5/19: [Lab Session #10]
13th week
- 5/24: [No class]
- 5/26: [Tracking]
14th week
- 5/31: [Property-Oriented Programming]
- 6/2: [Lab Session #11]
15th week
- 6/7: [Content Security Policy]
- 6/9: [Lab Session #12]
- Assignment #4 by 6/10
16th week
- 6/16: Final exam from 9:30 AM to 10:30 AM