CSE 127: Computer Security

CSE 127

Schedule: Class (TTh 3:30-4:50 PCYNH 106), Discussion (M 5-5:50pm PCYNH 106)

Instructor: Stefan Savage
Office hours: M 4pm-5pm or by appt, CSE 3106

Teaching Assistants:

Teaching Assistant office hours:
  • Mondays 6:30PM-7:20PM (B240A)
  • Wednesdays 1PM-1:50PM (B240A)
  • Wednesdays 5PM-5:50PM (B215)
  • Thursdays 1PM-1:50PM (B215)
  • Fridays 3PM-3:50PM (B215)


This course focuses on computer and network security, covering a wide range of topics on both the "defensive" and "offensive" side of this field. Among these will be code security and exploitation (buffer overflows, race conditions, SQL injection, etc), access control and authentication, covert channels, protocol attacks, firewalls, intrusion detection/prevension, viruses/worms and bots, spyware and phising, denial-of-service, privacy/anonymity, and computer forensics. The goal of the course is to provide an appreciation of how to think adversarially with respect to computer systems as well as an appreciation of how to reason about attacks and defenses.

To complete the projects in this course, you will need the ability to develop software programs using the C language, and some understanding of Assembly, PHP and SQL. We will not reach these in class and you will be expected to learn them on your own. If you do not know C, I recommend the classic, The C Programming Language, by Kernighan and Ritchie, because it is short and simple.

Finally, this term we will be using Piazza for class discussion. Rather than emailing questions to the teaching staff, please post your questions on Piazza; this will keep the discussions organized and let everyone benefit from the answers. We may also use it for announcements, so be sure to sign up (you can sign up at: https://piazza.com/ucsd/spring2018/cse127/home).