Instructor

Engin Kirda

For correspondence, send a mail to ek@ccs.neu.edu.

Office hours: Tuesdays, 2:30-3:15pm, 617 ISEC


Teaching Assistants

Bahruz Jabiyev

Lab hours: Wednesdays, Thursdays, 3:00-5:00pm, 617 ISEC


News

  1. 09.13.2019 Challenge 1 is online. Good luck!
  2. 09.07.2019 Registration and account information was sent to all participants.
  3. 09.05.2019 Slight modifications to the course schedule. Please double check all important dates.
  4. 09.03.2019 The course website is now online.

Abstract

Today, computer security problems have started to impact the practical aspects of our lives. Even though there is a considerable corpus of knowledge about tools and techniques to protect systems, information about what the actual vulnerabilities are and how they are exploited is not generally available. Also, there are many misconceptions when it comes to protecting systems.

This course deals with common programming, configuration, and design mistakes and ways to detect and avoid them. Examples are used to highlight general error classes, such as stack and heap overflows. Possible protection and detection techniques are examined. The course includes a number of practical lab assignments where participants are required to apply their knowledge as well as a discussion of the current research in the field. Students will learn how the security of systems can be violated, and how such attacks can be detected and prevented. The course aims to make the students "security aware", and gain a basic understanding about security issues.


Some Topics

  • Code security
  • Web security
  • Malware
  • Underground economy
  • Social network security and fraud
  • Reverse engineering and binary analysis
  • Intrusion detection
  • Testing
  • Operational security

Prerequisites

Programming experience (this course is not for you if you are a complete beginner)
Knowledge of C/C++ useful
Basic web programming knowledge is useful
Knowledge of general computer science concepts

Dates and Times

Tuesday and Friday, 9:50-11:20am, Kariotis Hall 304


Slides, Material, and Schedule

Use your course credentials to access the material below.

  • XX.XX.2019 // Final -- date and location to be announced (covers classes 12-22)
  • 12.03.2019 // Class 22
  • 11.26.2019 // Class 21
  • 11.22.2019 // Class 20 // Quiz 3
  • 11.19.2019 // Class 19
  • 11.15.2019 // Class 18
  • 11.12.2019 // Class 17
  • 11.08.2019 // Class 16 // Quiz 2
  • 11.05.2019 // Class 15
  • 11.01.2019 // Class 14
  • 10.29.2019 // Class 13
  • 10.25.2019 // Midterm (covers classes 1-11)
  • 10.22.2019 // Class 12
  • 10.18.2019 // Class 11
  • 10.15.2019 // Class 10
  • 10.11.2019 // Class 9
  • 10.08.2019 // Class 8
  • 10.04.2019 // Class 7 // Quiz 1
  • 10.01.2019 // Class 6
  • 09.27.2019 // Class 5
  • 09.20.2019 // Class 4
  • 09.17.2019 // Class 3 (download slides)
  • 09.13.2019 // Class 2 (download slides)
  • 09.10.2019 // No class
  • 09.06.2019 // Class 1 (download slides)

Practical Challenges (Assignments)

Students will "need" to solve a set of practical challenges (assignments) in the lab part of the course. For more information on the challenges and the grading, check this page.


Grading

The course grade will be based on:

10%: Participation
10%: 3 Quizzes (1-2-3)
27%: Midterm exam
30%: Final exam
23%: Security labs

Registration

Registration details will be announced via e-mail to the registered participants.


Last Modified: Tue Sep 17 21:28:29 2019 EDT