COMS W4181: Security 1 (Fall 2018)


Lecture Details

Instructor: Suman Jana
Office: Mudd 412
Office hours: 4-6 pm Wednesdays
TA Office hours: Miguel Arroyo (Tuesday 1-3 pm), Dennis Roellke (Thursday 4-6 pm)
Classroom: 403 International Affairs Building
Class hours: Monday and Wednesday (2:40-3:55 pm)

Description

This class will teach you different fundamental aspects of computer security including basics of cryptography, network security, host security, software and hardware security. The goal of this class is to explore different security problems that affect real-world systems and different techniques that can prevent/mitigate such issues.

Note:There will be no assigned textbook for the class and you are expected to read the assigned articles/papers/slides carefully.

Prerequisite

There is no formal prerequisite for this class but you should be generally comfortable to deal with complex large source code (> 1000 lines of C/C++ code) and have basic knowledge of testing/debugging tools like gdb, gcov, etc. Feel free to send me an email if you have any specific questions.

Grading

Both midterm and final will be open-notes but no internet access will be allowed.

Books (optional): Network Security: Private Communication in a Public World, Thinking Security: Stopping Next Year's Hackers.

Schedule

Date Topics Lecture slides & Reading
Sep 5 Introduction & Threat models intro.pptx, intro.pdf
Sep 10 Crypto I - basics, ciphers crypto.ppt, crypto.pdf, optional reading: Network Security: Private Communication in a Public World 2nd ed. by Kaufman et al. (Chapters 5.1-2, 5.6-7, 2.1-6, 4.2, and 6.1-6)
Sep 12 Crypto II - public key, hash functions
Sep 17 Crypto (cntd.)
Sep 19 Crypto (cntd.) Additional reading: Twenty Years of Attacks on the RSA Cryptosystem
Sep 24 Crypto in practice crypto_fails.ppt, crypto_fails.pdf.
HW1 is posted in CourseWorks and is due by 11:59pm on 15th Oct.
Sep 26 Network Security: SSL/TLS, HTTPS ssl.ppt, ssl.pdf
Oct 1 Network Security: SSL/TLS, HTTPS
Oct 3 Web Security web_sec.pptx, web_sec.pdf
Oct 8 Web Security
Oct 10 Network Security: TCP/IP, DNS, BGP tcp-dns.pptx, tcp-dns.pdf
Oct 15 Network defense: Firewalls, VPNs, and Intrusion Detection network-defense.pptx, network-defense.pdf
Oct 17 Network defense: Firewalls, VPNs, and Intrusion Detection
HW2 is posted in CourseWorks and is due by 11:59pm on 28th Oct.
Oct 22 Denial of service attacks dos.pptx, dos.pdf. Midterm covers all previous lectures and this one
Oct 24 Memory corruption attacks & defenses
Oct 29 Memory corruption attacks & defenses
Oct 31 Midterm
Nov 5 No class (academic holiday)
Nov 7 TBD
Nov 12 TBD
Nov 14 TBD
Nov 19 TBD
Nov 21 No class (Thanksgiving)
Nov 26 TBD
Nov 28 TBD
Dec 3 TBD
Dec 5 TBD
Dec 10 TBD