Instructor: Suman Jana
Office: Mudd 412
Office hours: 4-6 pm Wednesdays
TA Office hours: Miguel Arroyo (Tuesday 1-3 pm), Dennis Roellke (Thursday 4-6 pm)
Classroom: 403 International Affairs Building
Class hours: Monday and Wednesday (2:40-3:55 pm)
This class will teach you different fundamental aspects of computer security including basics of cryptography, network security, host security, software and hardware security. The goal of this class is to explore different security problems that affect real-world systems and different techniques that can prevent/mitigate such issues.
Note:There will be no assigned textbook for the class and you are expected to read the assigned articles/papers/slides carefully.
There is no formal prerequisite for this class but you should be generally comfortable to deal with complex large source code (> 1000 lines of C/C++ code) and have basic knowledge of testing/debugging tools like gdb, gcov, etc. Feel free to send me an email if you have any specific questions.
- programming assignments (4) - 56%
- Midterm - 20%
- Final (non-cumulative) - 20%
- Class participation - 4%
|Date||Topics||Lecture slides & Reading|
|Sep 5||Introduction & Threat models||intro.pptx, intro.pdf|
|Sep 10||Crypto I - basics, ciphers||crypto.ppt, crypto.pdf, optional reading: Network Security: Private Communication in a Public World 2nd ed. by Kaufman et al. (Chapters 5.1-2, 5.6-7, 2.1-6, 4.2, and 6.1-6)|
|Sep 12||Crypto II - public key, hash functions|
|Sep 17||Crypto (cntd.)|
|Sep 19||Crypto (cntd.)||Additional reading: Twenty Years of Attacks on the RSA Cryptosystem|
|Sep 24||Crypto in practice|| crypto_fails.ppt, crypto_fails.pdf.
HW1 is posted in CourseWorks and is due by 11:59pm on 15th Oct.
|Sep 26||Network Security: SSL/TLS, HTTPS||ssl.ppt, ssl.pdf|
|Oct 1||Network Security: SSL/TLS, HTTPS|
|Oct 3||Web Security||web_sec.pptx, web_sec.pdf|
|Oct 8||Web Security|
|Oct 10||Network Security: TCP/IP, DNS, BGP||tcp-dns.pptx, tcp-dns.pdf|
|Oct 15||Network defense: Firewalls, VPNs, and Intrusion Detection||network-defense.pptx, network-defense.pdf|
|Oct 17||Network defense: Firewalls, VPNs, and Intrusion Detection||
HW2 is posted in CourseWorks and is due by 11:59pm on 28th Oct.
|Oct 22||Denial of service attacks||dos.pptx, dos.pdf. Midterm covers all previous lectures and this one|
|Oct 24||Memory corruption attacks & defenses|
|Oct 29||Memory corruption attacks & defenses|
|Nov 5||No class (academic holiday)|
|Nov 21||No class (Thanksgiving)|