COMS W4182: Security 2 (Spring 2021)

Lecture Details

Instructor: Suman Jana
Office: Virtual
Office hours: Tuesdays (2:30-3:30 pm) or by appointment
TA Office hours: Dongdong She (Thrusday 3-4 pm)
Classroom: Virtual (Zoom)
Class hours: Tuesday and Thursday (1:10-2:25 pm)

Description

This is an advanced course on computer and network security. It is intended for security specialists, people who design and assess security systems.

Note:There will be no assigned textbook for the class and you are expected to read the assigned articles/papers/slides carefully.

Prerequisite

There official prerequisite for this class is Security 1 or equivalent introduction to security classes. Feel free to send me an email if you have any specific questions.

Grading

• programming assignments (3) - 30%
• Midterm (take home) - 20%
• Project - 45%
• Class participation - 5%

Schedule

Date	Topics	Lecture slides & Reading
Jan 12	Introduction & Authentication	intro.pptx, intro.pdf, authentication
Jan 14	Authentication (cntd.)
Jan 19	Biometrics	biometrics_slides
Jan 21	Biometrics (cntd.)
Jan 26	Public Key Infrastructure (PKI)	pki_slides
Jan 28	PKI (cntd.)
Feb 2	Secure System Design: Authentication	auth_systems_slides
Feb 4	Secure System Design: Authentication (cntd.)
Feb 9	Fuzzing	fuzzing.pptx, fuzzing.pdf Additional reading: AFL Readme Fuzzing: The State of the Art (McNally et al.)
Feb 11	Fuzzing (cntd.)
Feb 16	Symbolic Execution	Symbolic Execution.pptx, Symbolic Execution.pdf Additional reading: Symbolic Execution for Software Testing: Three Decades Later (Cadar and Sen) KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs (Cadar et al.) CUTE: A Concolic Unit Testing Engine for C (Sen et al.) DART: Directed Automated Random Testing (Godfroid et al.) Symbolic execution and program testing (King et al.)
Feb 18	Symbolic Execution (cntd.)
Feb 23
Feb 25
Mar 2
Mar 4
Mar 9
Mar 11