CS155 Computer and Network Security

Course Syllabus

Spring 2015

 
Lecture 1:
3/31/15
(DB)
Course overview   [pdfppt]
Reading:

Part 1: Basics
 
Lecture 2:
4/ 2/15
(DB)
Control hijacking attacks: exploits and defenses   [pdfppt]
Reading:
 
Lecture 3:
4/ 7/15
(DB)
Dealing with legacy code: sandboxing and isolation   [pdfppt]
Reading:
 
Lecture 4:
4/ 9/15
(JM)
Tools for writing robust application code   [pdfppt]
Reading:
 
Lecture 5:
4/14/15
(JM)
Principle of least privilege, access control, and operating systems security   [pdfppt]
Reading:
 
Lecture 6:
4/16/15
(inv)
Exploitation techniques and fuzzing   (Alex Stamos)   [pdfppt]
Reading:

Part 2: Web Security
 
Lecture 7:
4/21/15
(JM)
Basic web security model   [pdfppt]
Reading:
 
Lecture 8:
4/23/15
(JM)
Web application security   [pdfppt]
Reading:
 
Lecture 9:
4/28/15
(JM)
Content Security Policies (CSP), Web workers, and extensions   [pdfppt]
Reading:
 
Lecture 10:
4/30/15
(DB)
Session management and user authentication   [pdfppt]
Reading:
 
Lecture 11:
5/ 5/15
(DB)
Overview of cryptography   [pdfppt]
Reading:
 
Lecture 12:
5/ 7/15
(DB)
HTTPS: goals and pitfalls   [pdfppt]
Reading:

Part 3: Network security
 
Lecture 13:
5/12/15
(DB)
Security issues in Internet protocols: TCP, DNS, and routing   [pdfppt]
Reading:
 
Lecture 14:
5/14/15
(JM)
Network defense tools: Firewalls, VPNs, Intrusion Detection, and filters   [pdfppt]
Reading:
 
Lecture 15:
5/19/15
(DB)
Unwanted traffic: denial of service attacks   [pdfppt]
Reading:

Part 4: Security of mobile platforms
 
Lecture 16:
5/21/15
(JM)
Mobile platform security models: Android and iOS   [pdfppt]
Reading:
 
Lecture 17:
5/26/15
(JM)
Mobile threats and malware   [pdf]
Reading:
 
Lecture 18:
5/28/15
(DB)
More on malware: viruses, Spyware and key-loggers
Reading:
 
Lecture 19:
6/ 2/15
(inv)
Final lecture: TBD