Recent Advances in Computer Security and Privacy, Spring 2025

Instructor: Ning Zhang, zhang.ning@wustl.edu
TAs: Ao Li, ao@wustl.edu
Meeting: Tue/Thur 11:30 - 12:50PM
Classroom: EADS / 016
Office Hour: Wednesday 4:00 - 5:00PM in McKelvey 3037, or by appointment (via Zoom)
Schedule: Schedule here
CANVAS: https://wustl.instructure.com/courses/123722

Announcement

Course Description

In this class, students will learn about the latest research developments in two main areas software/system security and cyber-physical security. Topics in software security focus on attack and defense in application-level software, while system security focuses on attack and defense in system software and hardware. Cyber-physical security studies new security problems interfacing cyber world and physical world. The goal of this class is to prepare students to conduct research in the area of cyber-physical security. Evaluation will be based on class discussion and research project.

Recommended Pre-req:
- CSE 361S, CSE 433S, CSE 523S, CSE 571S
- Feel free to join the class without pre-req as long as you are willing to pick up the system knowledge in the first several weeks of the class.

Learning Outcomes

By the end of the course, students should be able to:

Understand and analyze attack vectors and defense mechanisms in software and hardware

Be able to read academic paper in security and privacy and summarize the main contributions of the paper

Build a foundation for pursuing further research in software/system security and cyber-physical security fields

Gain experience in launching a proof-of-concept attack in real world systems

Gain experience in writing defense mechanisms to mitigate security vulnerabilities.

Conduct a research project that addresses a specific issue in security and applies theoretical knowledge to practical problems.

Textbook

There is no textbook for the class. We will use research papers for some of the topics.

Grading

This is a project-based class. There is no mid-term or final exams in this class.

Lab	40 %
Paper Review	14 %
Class Discussion Lead	5 %
Scribe	5 %
Project - Proposal	1 %
Project - Presentation	5 %
Project - Final	30 %
Extra Credits	10 %

Schedule

Schedule can be found here

Projects

Students in group 3 - 5 will work on a semester long project to conduct original research in Computer Security. You can either come up with an idea of your own or to work on a well-defined idea we already have. There are three check points in the project.

1. Project Idea Submission
At this point, you should have well defined problem, for example, I want to use laser to sense vibration on window to evesdrop conversation from protected physical space. You should also know how it is current done in the literature. For example, research A has done this but they observe that environmental factor can significantly impact the accuracy. You should also have a good general idea how you would like to approach this problem. For example, you will develop different models based on the environmental factor to compensate for the signal distortion.

2. Final Project
At the end, a research paper should be written up (6-10 pages), this is due half a week before the final grades are due.

Ethics

With greater power, comes greater responsibility. In this course, we will be learning about and exploring some vulnerabilities that could be used to attack systems. Students are expected to behave responsibly and ethically. You may not attack any system prior approval of the site owners, and may not use anything you learn in this class to disrupt services or harm others. If you have any doubts about whether or not something you want to do is ethical and legal, you should check with the course instructor.

Contact Time Policy

To ensure the full measure of the contact time is met, the following arrangements will be made if a scheduled class cannot be held due to unforeseen circumstances, such as faculty travel:

Guest Speaker: If the instructor is unavailable, the TA or a guest speaker with relevant expertise will conduct the session, covering the planned material or a complementary topic.
Supplementary Activity: In cases where a live session cannot be held, students will complete a commensurate activity with the participation of a TA, such as:

Engaging in an assigned group discussion or project online
Completing a lab related to the course material.

Make-Up Class: A make-up session will be scheduled at a mutually convenient time for the instructor and students to ensure the contact hours are fulfilled.