COMS W4182: Security 2 (Spring 2021)
Lecture Details
Instructor: Suman Jana
Office: Virtual
Office hours: Tuesdays (2:30-3:30 pm) or by appointment
TA Office hours: Dongdong She (Thrusday 3-4 pm)
Classroom: Virtual (Zoom)
Class hours: Tuesday and Thursday (1:10-2:25 pm)
Description
This is an advanced course on computer and network security. It is intended for security specialists, people who design and assess security systems.
Note:There will be no assigned textbook for the class and you are expected to read the assigned articles/papers/slides carefully.
Prerequisite
There official prerequisite for this class is Security 1 or equivalent introduction to security classes. Feel free to send me an email if you have any specific questions.
Grading
- programming assignments (3) - 30%
- Midterm (take home) - 20%
- Project - 45%
- Class participation - 5%
Schedule
| Date | Topics | Lecture slides & Reading |
| Jan 12 | Introduction & Authentication | intro.pptx, intro.pdf, authentication |
| Jan 14 | Authentication (cntd.) | |
| Jan 19 | Biometrics | biometrics_slides |
| Jan 21 | Biometrics (cntd.) | |
| Jan 26 | Public Key Infrastructure (PKI) | pki_slides |
| Jan 28 | PKI (cntd.) | |
| Feb 2 | Secure System Design: Authentication | auth_systems_slides |
| Feb 4 | Secure System Design: Authentication (cntd.) | |
| Feb 9 | Fuzzing | fuzzing.pptx, fuzzing.pdf Additional reading: AFL Readme Fuzzing: The State of the Art (McNally et al.) |
| Feb 11 | Fuzzing (cntd.) | |
| Feb 16 | Symbolic Execution | Symbolic Execution.pptx, Symbolic Execution.pdf Additional reading: Symbolic Execution for Software Testing: Three Decades Later (Cadar and Sen) KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs (Cadar et al.) CUTE: A Concolic Unit Testing Engine for C (Sen et al.) DART: Directed Automated Random Testing (Godfroid et al.) Symbolic execution and program testing (King et al.) |
| Feb 18 | Symbolic Execution (cntd.) | |
| Feb 23 | Symbolic Execution (cntd.) | |
| Feb 25 | Symbolic Execution (cntd.) | |
| Mar 2 | Spring break | |
| Mar 4 | Spring break | |
| Mar 9 | ML security | Intro material |
| Mar 11 | ||
| Mar 16 | Verification of NN robustness | slides |
| Mar 18 | ML for fuzzing (guest lecture by Dongdong She) | |
| Mar 23 | Verification of NN robustness (cntd.) | |
| Mar 25 | Malware | slides |
| Mar 30 | Malware (cntd.) | |
| Apr 1 | Malware (cntd.) | |
| Apr 5 | Malware (cntd.) | |
| Apr 8 | Malware (cntd.) | |
| Apr 13 | Side channels | slides |
| Apr 15 | No class |