Course Syllabus
Spring 2009
Lecture 1:
3/31/09
(mit)
|
Course overview
[ppt]
Reading:
|
Part 1: Basics
Lecture 2:
4/2/09
(mit)
|
Secure system design, access control, and protection
[ppt]
Reading:
|
Lecture 3:
4/7/09
(bon)
|
Buffer overflows and other common bugs: exploits and defenses
[ppt]
Reading:
|
Lecture 4:
4/9/09
(inv)
|
Testing for security via fuzzing
Reading:
|
Lecture 5:
4/14/09
(inv)
|
Tools for writing robust application code
|
Lecture 6:
4/16/09
(bon)
|
Dealing with bad (legacy) application code: sandboxing and isolation
[ppt]
Reading:
|
Lecture 7:
4/21/09
(mit)
|
Use of cryptography in computer security
[ppt]
Reading:
|
Part 2: Network security
Lecture 8:
4/23/09
(bon)
|
Security problems in network protocols: TCP, DNS, SMTP, and routing
[ppt]
Reading:
|
Lecture 9:
4/28/09
(mit)
|
Network defense tools: Firewalls, VPNs, Intrusion Detection, and filters
[pdf]
Reading:
|
Lecture 10:
4/30/09
(bur)
|
Malware: Computer viruses, Spyware, and key-loggers
Reading:
|
Lecture 11:
5/5/09
(bur)
|
Bot-nets: attacks and defenses
[ppt]
Reading:
|
Lecture 12:
5/7/09
(bon)
|
Unwanted traffic: denial of service attacks and spam email
[ppt]
Reading:
|
Lecture 13:
5/12/09
(bur)
|
Network reconnaissance and mapping, penetration testing
|
Part 3: Web Security
Lecture 14:
5/14/09
(bur)
|
Basic web security model
Reading:
|
Lecture 15:
5/19/09
(mit)
|
User authentication and session management
[ppt]
Reading:
|
Lecture 16:
5/21/09
(bon)
|
HTTPS: goals and pitfalls
[ppt]
Reading:
|
Lecture 17:
5/26/09
(inv)
|
Web site security
[ppt]
Reading:
|
Part 5: Final topics
Lecture 18:
5/28/09
(mit)
|
Digital Rights Management
[ppt]
Reading:
|
Lecture 19:
6/2/09
(inv)
|
Final lecture
|