IMPORTANT REGISTRATION INFORMATION

If you add or drop the course after 01.10.2018, send me an email ASAP.


Instructor

Kaan Onarlioglu

Teaching Assistants

Manoj Venkatesan

Contact

With the exception of emergency situations, all course-related communication will be done over Piazza. We cannot guarantee responding to individual emails in a timely manner, but we will monitor Piazza regularly and do our best to answer all questions as quickly as humanly possible.
Individual contact addresses are available in the university directory.


News

  1. 01.18.2018 A bonus challenge appears! (see the "Challenges" menu on the left.). UPDATE: Description updated with clarifications.
  2. 01.17.2018 Challenge 1 posted (see the "Challenges" menu on the left.). Your registration code is under your home directory, in "~/reg_code.txt". Lecture 2 slides posted. Incomplete crypto slides updated.
  3. 01.12.2018 We are looking for a bigger room. Don't forget to check out the latest announcements before class next Wednesday.
  4. 01.11.2018 Challenge 0 posted (see the "Challenges" menu on the left.). Lecture 1 slides posted.
  5. 01.09.2018 First class tomorrow! TAs posted. Check your email after class for your credentials and Piazza link.
  6. 12.15.2017 The course website is online.

Abstract

Internet and computer security have become part of everyday life. The year 2017 in particular is dubbed the "worst-year for security" by numerous independent researchers, with high-profile security breaches and damaging new attacks taking center stage in technology news.

These trends will continue as vulnerabilities become more severe and attacks more profitable. As such, it is more important than ever to train security professionals equipped with the right skills and mindset to stay one step ahead of the bad guys.

This course aims to make students security aware by surveying practical vulnerability classes, and importantly, by teaching students a key skill: thinking like an attacker. Students will gain hands on experience using security tools & technologies, and crafting their own attacks, all the while emphasizing the importance of using these skills ethically to advance the state of the art in computer security.


Topics

Cryptographic primitives (only basics, this is not a crypto course!)
OS & Linux security
Internet security
Memory corruption
Reverse engineering
Malware
Research in systems security

Prerequisites

This course has a big hands-on component, requiring students to survey technical documents, learn new skills, and implement those in potentially unfamiliar computing environments to solve practical challenges (i.e., lab assignments). Students should carefully read the below prerequisites before registering for the course.

Significant programming experience. You will need to program and debug in C, and understand the basics of the x86 architecture. If you have a non-technical background, you may have a considerably difficult time.

A genuine interest in practical, technical computer security. Practical challenges are not necessarily difficult, but they will require patience & dedication to solve. With the right motivation, you will have a blast tackling them; but without that drive they can feel like a chore.

Familiarity with computer networks, TCP/IP, and how the Internet works in general. This is not a Computer Networks course, and you don't need to be an expert. But be prepared to do some research online and learn on your own if you lack the basics.

Familiarity with Linux and working on the command line. This is not an Operating Systems course, so ditto above.

Don't be scared to see cryptography in the topics. This is not a Cryptography course, we will only cover some extremely basic primitives and principles key to understanding the rest of the material. NO math skills needed, at all.


Dates and Times

Forsyth Building, Room 129, 6-9pm, Wednesday


Slides and Schedule

  • 01.10.2018 // Class 1 [1-Introduction], [2-Security], [3-Cryptography]
  • 01.17.2018 // Class 2 [4-Architecture] [5-Hacking]
  • 01.24.2018 // Class 3
  • 01.31.2018 // Class 4
  • 02.07.2018 // Class 5
  • 02.14.2018 // Class 6
  • 02.21.2018 // Class 7
  • 02.28.2018 // Midterm Exam
  • 03.07.2018 // Spring break -- No class
  • 03.14.2018 // Class 8
  • 03.21.2018 // Class 9
  • 03.28.2018 // Class 10
  • 04.04.2018 // Class 11
  • 04.11.2018 // Class 12
  • 04.18.2018 // Class 13
  • 04.??.2018 // Final Exam

Grading

10%: Quizzes
20%: Midterm exam
20%: Final exam
50%: Practical challenges

Last Modified: Thu Jan 18 15:00:48 2018 EST