COMS W4181: Security 1 (Fall 2021)

Lecture Details

Instructor: Suman Jana
Office: Mudd 412
Office hours: Thursday 11-12pm CS courtyard or by appointment
TA Office hours:Andrew Quijano (Thursday 5:30 PM - 7:30 PM, Saturday 5 PM - 7 PM), Yash Agarwal (Tuesday 6 PM - 8 PM, Friday 6 PM - 8 PM)
Classroom: CSB 451
Class hours: Tuesday and Thursday (1:10-2:25 pm)


This class will teach you different fundamental aspects of computer security including basics of cryptography, network security, host security, software and hardware security. The goal of this class is to explore different security problems that affect real-world systems and different techniques that can prevent/mitigate such issues.

Note:There will be no assigned textbook for the class and you are expected to read the assigned articles/papers/slides carefully.

Late policy: You have 3 late days in total that you can use on your 3 homework assignments as you please. If you have an emergency that would cause you to submit your homework late, please e-mail me directly.


COMS W3157 Advanced programming. In general, you should be generally comfortable to deal with complex large source code (> 1000 lines of C/C++ code) and have basic knowledge of testing/debugging tools like gdb, gcov, etc.


Both midterm and final will be take-home due to the COVID-19 situation.

Books (optional): Network Security: Private Communication in a Public World, Thinking Security: Stopping Next Year's Hackers.


Date Topics Lecture slides & Reading
Sep 9 Class canceled
Sep 14 Introduction & Threat models intro.pptx, intro.pdf
Sep 16 Crypto I - basics, ciphers crypto.ppt, crypto.pdf, optional reading: Network Security: Private Communication in a Public World 2nd ed. by Kaufman et al. (Chapters 5.1-2, 5.6-7, 2.1-6, 4.2, and 6.1-6)
Sep 21 Crypto II - public key, hash functions
Sep 23 Crypto (cntd.)
Sep 28 Crypto (cntd.)
Sep 30 Crypto (cntd.)
Oct 5 Crypto (cntd.)
Oct 7 Network Security: SSL/TLS, HTTPS ssl.ppt, ssl.pdf
Oct 12 Network Security: SSL/TLS, HTTPS (cntd.)
Oct 14 Midterm review+Network Security: SSL/TLS, HTTPS (cntd.)
Oct 19 Network Security: SSL/TLS, HTTPS (cntd.)
Oct 21 Web Security web_sec.pptx, web_sec.pdf
Oct 26 Web Security (cntd.)
Oct 28 Class canceled (Suman is sick)
Nov 2 University holiday
Nov 4 Network Security: TCP/IP, DNS, BGP tcp-dns.pptx, tcp-dns.pdf
Nov 9 Network Security: TCP/IP, DNS, BGP (cntd.)
Nov 11 Network Security: TCP/IP, DNS, BGP (cntd.)
Nov 16 Network defense: Firewalls, VPNs, and Intrusion Detection network-defense.pptx, network-defense.pdf
Nov 18 Denial of service attacks dos.pptx, dos.pdf.
Nov 23 Denial of service attacks (cntd.)
Nov 25 Academic holiday (Thanksgiving)
Nov 30 Memory corruption & defenses memory_attacks.pptx, memory_attacks.pdf
Dec 2 Memory corruption & defenses (cntd.)
Dec 7 Principle of least privilege/Access control principles.pptx, principles.pdf
Dec 9 Principle of least privilege/Access control (cntd.)