Secure computing requires the secure design, implementation, and use of systems and algorithms across many areas of computer science. Fundamentals of secure computing such as trust models and cryptography will lay the groundwork for studying key topics in the security of systems, networking, web design, machine learning algorithms, mobile applications, and physical devices. Human factors, privacy, and the law will also be considered. Hands-on practice exploring vulnerabilities and defenses using Linux, C, and Python in studios and lab assignments is a key component of the course. Prerequisites: CSE 247 and either CSE 361 or CSE 332.
Recommended Pre-req:
- CSE 247 and either CSE 361 or CSE 332
- Feel free to join the class without pre-req as long as you are willing to pick up the system knowledge in the first several weeks of the class.
There is no textbook for the class. We will use research papers for some of the topics. However, the following references can be helpful.
There is one mid-term and one-final exam in this class.
| Midterm Exam 1 | 35 % |
| Midterm Exam 2 | 35 % |
| Studio | 30 % |
| Date | Topics | Reading |
| week 1 | Course Overview - Stream Cipher | |
| week 2 | BlockCipher, SEEDLAB - Secret Key | |
| week 3 | Message Integrity, Hash Function, Authenticated Encryption | |
| week 4 | SEEDLAB - MD5 Checksum, Public Key | |
| week 5 | Network Attacks, SEEDLAB - TCP/IP Attack | |
| week 6 | Network Security - Protocol, PKI, TLS, HTTPS | |
| week 7 | Blockchain, Authentication, Access Control | |
| week 8 | Mid-term 1 | |
| week 9 | Software Security, SEEDLAB - BufferOverflow | |
| week 10 | Software Security - Review of Attack and Defense | |
| week 11 | Machine Learning Security and Adversarial AI Lab | |
| week 12 | Web security, SEEDLAB - XSS | |
| week 13 | Mobile Security and SEEDLAB - Android Repackaging | |
| week 14 | Mid-term 2 |
With greater power, comes greater responsibility. In this course, we will be learning about and exploring some vulnerabilities that could be used to attack systems. Students are expected to behave responsibly and ethically. You may not attack any system prior approval of the site owners, and may not use anything you learn in this class to disrupt services or harm others. If you have any doubts about whether or not something you want to do is ethical and legal, you should check with the course instructor.
Introduction to Computer Security, Fall 2020, Ning Zhang