Introduction to Computer Security, Fall 2021

Instructor: Ning Zhang, zhang.ning@wustl.edu
TA: TBD,
Office Hour: By Appoinment

Announcement


Course Description


Secure computing requires the secure design, implementation, and use of systems and algorithms across many areas of computer science. Fundamentals of secure computing such as trust models and cryptography will lay the groundwork for studying key topics in the security of systems, networking, web design, machine learning algorithms, mobile applications, and physical devices. Human factors, privacy, and the law will also be considered. Hands-on practice exploring vulnerabilities and defenses using Linux, C, and Python in studios and lab assignments is a key component of the course. Prerequisites: CSE 247 and either CSE 361 or CSE 332.

Recommended Pre-req:
- CSE 247 and either CSE 361 or CSE 332
- Feel free to join the class without pre-req as long as you are willing to pick up the system knowledge in the first several weeks of the class.

Textbook


There is no textbook for the class. We will use research papers for some of the topics. However, the following references can be helpful. They are available in the library reserve.

Grading


There is one mid-term and one-final exam in this class.

Midterm Exam 1 30 %
Studio 30 %
Course Project 30 %
CTF 10+10 %

Schedule



Date Topics Reading
week 1 Course Overview, Network Attacks Network 101 Video
week 2 SEEDLAB - TCP/IP Attack, Stream Cipher
week 3 BlockCipher, SEEDLAB - Secret Key
week 4 Message Integrity, Hash Function, Authenticated Encryption
week 5 SEEDLAB - MD5 Checksum, Public Key
week 6 Network Security - Protocol, PKI, TLS, HTTPS
week 7 Blockchain, Authentication, Access Control, Exam Review
week 8 Mid-term 1, course project overview
week 9 Privacy, Mobile Security, Cyber-physical Security
week 10 Machine Learning Security and Adversarial AI Lab
week 11 Software Security, SEEDLAB - BufferOverflow
week 12 Software Security - Overview of Attack and Defense
week 13 System Security, SEEDLAB - Race condition
week 14 TBD & Final Project Presentation

Course Project Idea



Ethics


With greater power, comes greater responsibility. In this course, we will be learning about and exploring some vulnerabilities that could be used to attack systems. Students are expected to behave responsibly and ethically. You may not attack any system prior approval of the site owners, and may not use anything you learn in this class to disrupt services or harm others. If you have any doubts about whether or not something you want to do is ethical and legal, you should check with the course instructor.

Introduction to Computer Security, Fall 2021, Ning Zhang