COMS W4181: Security 1 (Fall 2022)
Lecture Details
Instructor: Suman Jana
Office: Mudd 412
Office hours: Wednesday (2:30-3:30pm) DSI 412
TA Office hours: Samanway (Wednesday 10am-12pm), Ben (Monday 3-5 pm)
Classroom: CSB 451
Class hours: Monday and Wednesday (1:10-2:25 pm)
Description
This class will teach you different fundamental aspects of computer security including basics of cryptography, network security, host security, software and hardware security. The goal of this class is to explore different security problems that affect real-world systems and different techniques that can prevent/mitigate such issues.
Note:There will be no assigned textbook for the class and you are expected to read the assigned articles/papers/slides carefully.
Late policy: You have 2 late days in total that you can use on your 2 homework assignments as you please.
Prerequisite
COMS W3157 Advanced programming. In general, you should be generally comfortable to deal with complex large source code (> 1000 lines of C/C++ code) and have basic knowledge of testing/debugging tools like gdb, gcov, etc.
Grading
- Programming assignments (2) - 40%
- Midterm - 30%
- Final (non-cumulative) - 30%
Books (optional): Network Security: Private Communication in a Public World, Thinking Security: Stopping Next Year's Hackers.
Schedule
Date | Topics | Lecture slides & Reading | |
Sep 7 | Introduction & Threat models | intro.pptx, intro.pdf | |
Sep 12 | Crypto I - basics, ciphers | crypto.ppt, crypto.pdf, optional reading: Network Security: Private Communication in a Public World 2nd ed. by Kaufman et al. (Chapters 5.1-2, 5.6-7, 2.1-6, 4.2, and 6.1-6) | |
Sep 14 | Crypto II - public key, hash functions | ||
Sep 19 | Crypto (cntd.) | ||
Sep 21 | Crypto (cntd.) | ||
Sep 26 | Crypto (cntd.) | ||
Sept 28 | Crypto (cntd.) | ||
Oct 3 | Network Security: SSL/TLS, HTTPS | ssl.ppt, ssl.pdf | |
Oct 5 | Network Security: SSL/TLS, HTTPS (cntd.) | ||
Oct 10 | Midterm review+Network Security: SSL/TLS, HTTPS (cntd.) | ||
Oct 12 | Midterm | ||
Oct 17 | Web Security | web_sec.pptx, web_sec.pdf | |
Oct 19 | Web Security (cntd.) | ||
Oct 24 | Network security: TCP/IP, DNS, BGP | tcp-dns.pptx, tcp-dns.pdf | |
Oct 26 | Network security: TCP/IP, DNS, BGP | tcp-dns.pptx, tcp-dns.pdf | |
Oct 31 | Class canceled (Suman is traveling) | ||
Nov 2 | Network defense: Firewalls, VPNs, and Intrusion Detection | network-defense.pptx, network-defense.pdf | |
Nov 7 | Acedemic holiday | ||
Nov 9 | Network defense (cntd.) | ||
Nov 14 | Denial of service attacks | dos.pptx, dos.pdf | |
Nov 16 | Denial of service attacks (cntd.) | ||
Nov 21 | Memory corruption & defenses | memory_attacks.pptx, memory_attacks.pdf | |
Nov 23 | Academic holiday | ||
Nov 28 | Memory corruption & defenses | ||
Nov 30 | Sandboxing & Isolation | isolation.pptx, isolation.pdf | |
Dec 5 | Principle of least privilege/Access control | principles.pptx, principles.pdf | |
Dec 7 | Class canceled (Suman is traveling) | ||
Dec 12 | Final |