Training Agenda

  1. Understanding application errors (40%)
    1. Operating system memory map
    2. Stack frame structure of a C function
    3. Error types (stack overflow, heap overflow, format string)
    4. Using a debugger to identify errors
  2. Exploiting errors to attack the system (40%)
    1. Gentle introduction to assembly language
    2. Writing shellcode
    3. Local code execution attacks
    4. Remote code execution attacks
  3. Hiding intruder presence in the operating system (20%)
    1. Solution based on loadable kernel modules
    2. Operating system compromise detection

The 2-day training will be divided into lecture sessions and practical workshops. Each participant will have an individual computer workstation; the training will be limited to a maximum of 12 participants.

The workshops will allow participants to test the theoretical concepts introduced, conduct specific forms of attack, and implement different techniques for masking an intruder's presence in the system.

We will discuss various techniques for attacking system implementation errors, in particular the undetectability of specific forms of attack by standard Intrusion Detection Systems (IDS).