Introduction to Computer Security, Fall 2020

Instructor: Ning Zhang,, public key
Meeting: TBD
Classroom: TBD
Office Hour: TBD


Course Description

Secure computing requires the secure design, implementation, and use of systems and algorithms across many areas of computer science. Fundamentals of secure computing such as trust models and cryptography will lay the groundwork for studying key topics in the security of systems, networking, web design, machine learning algorithms, mobile applications, and physical devices. Human factors, privacy, and the law will also be considered. Hands-on practice exploring vulnerabilities and defenses using Linux, C, and Python in studios and lab assignments is a key component of the course. Prerequisites: CSE 247 and either CSE 361 or CSE 332.

Recommended Pre-req:
- CSE 247 and either CSE 361 or CSE 332
- Feel free to join the class without pre-req as long as you are willing to pick up the system knowledge in the first several weeks of the class.


There is no textbook for the class. We will use research papers for some of the topics. However, the following references can be helpful.


There is one mid-term and one-final exam in this class.

Midterm Exam 1 35 %
Midterm Exam 2 35 %
Studio 30 %


Date Topics Reading
week 1 Course Overview - Stream Cipher
week 2 BlockCipher, SEEDLAB - Secret Key
week 3 Message Integrity, Hash Function, Authenticated Encryption
week 4 SEEDLAB - MD5 Checksum, Public Key
week 5 Network Attacks, SEEDLAB - TCP/IP Attack
week 6 Network Security - Protocol, PKI, TLS, HTTPS
week 7 Blockchain, Authentication, Access Control
week 8 Mid-term 1
week 9 Software Security, SEEDLAB - BufferOverflow
week 10 Software Security - Review of Attack and Defense
week 11 Machine Learning Security and Adversarial AI Lab
week 12 Web security, SEEDLAB - XSS
week 13 Mobile Security and SEEDLAB - Android Repackaging
week 14 Mid-term 2


With greater power, comes greater responsibility. In this course, we will be learning about and exploring some vulnerabilities that could be used to attack systems. Students are expected to behave responsibly and ethically. You may not attack any system prior approval of the site owners, and may not use anything you learn in this class to disrupt services or harm others. If you have any doubts about whether or not something you want to do is ethical and legal, you should check with the course instructor.

Introduction to Computer Security, Fall 2020, Ning Zhang