CSE 127: Computer Security

Syllabus

/td>
Date
Topic
Sept 24 Intro and Overview

Note: no discussion section on Monday 9/26.

Sep 29
Security Principals

Go watch Johnny Long's No Tech Hacking talk.

Video on how master keys work

Oct 1
Basic Cryptography I

Read Anderson's Security Engineering chapter on cryptography. Finish by next Tuesday.

Oct 6
Asymmetric Crypto (guest lecture: Kirill Levchenko)
Oct 8
Authentication and key distribution
Oct 13
User authentication

Read Anderson's Security Engineering chapter on Usability and Psychology.

Oct 15
Side Channels
Oct 20
Software Security I

Start reading Erlingsson et al's "Low-level Software Security by Example"

Optional, Smashing the Stack for Fun and Profit by Aleph One.

Oct 22
Software Security II
Oct 27
Web Security I: SQL injection
Oct 29
Midterm today (here is a sample midterm with solutions)
Nov 3
Web Security II: XSS, CSRF
Nov 10
Malware I: Viruses

Read Anderson's Security Engineering section 21.3 in the Chapter on Network Attack and Defense.

Nov 10
Malware II: Worms and Botnets
Nov 12
Network security I
Nov 17
Network security II
Nov 19
Botnets and Internet criminology
Nov 26
Thanksgiving Holiday. No class
Dec 1
Botnets and Internet criminology (cont)
Dec 3
Covert Channels and Information Hiding
Dec 7
Final. Will focus on second half of course (since midterm) but questions can touch on entire course material. Sample final with solutions here