CS279 - Advanced Topics in Security


Computer security issues have become increasingly important, as the Internet
has become the infrastructure that supports the economy, critical services,
and our social life.

To address the ever-changing set of security issues that affect applications,
operating systems, and networks, it is necessary to understand the details of
both the vulnerabilities that make security compromises possible and the
countermeasures that are required to detect and block the attacks that exploit
these vulnerabilities.

This course focuses on how to analyze the security of a computer system.
Therefore, this course will present concepts and approaches that allow one to
evaluate the security posture of applications and services.

The course mixes a practical, hands-on approach with a discussion of the
current research in the field. Participants will learn how vulnerabilities are
found and how these vulnerabilities can be exploited to compromise the
security of a system. This knowledge is a fundamental prerequisite for the
correct design of protection mechanisms. The course includes also live
security exercises in a protected environment, where the knowledge about both
attack and defense techniques is validated in the field.

The course also addresses and discusses in depth the ethical issues associated
with vulnerability analysis.


The course requires very good programming/development skills (C/C++,
Python), a solid background in operating systems (especially GNU/Unix), and
some basic knowledge about networks.


Giovanni Vigna

Office: Harold Frank Hall 2159

Class Schedule: Tuesdays and Thursdays, 9:00 am to 10:50 am in Phelps 2510

Office Hours: By appointment

Teaching Assistant

Fish Wang

Office: Harold Frank Hall 2144

Office Hours: By appointment

Contacting the instructor/TA

All interaction with the instructor is through the Piazza

Please enroll in the class here.
Every student must have a CS account and being able to access


Course materials

The course does not have a textbook.

Several of the topics covered during the course will be
supported by material distributed by the instructor.

Course requirements

There will be homework assignments, a midterm, and a
final. In addition, students will participate in a
live security exercises.

The final grade will be determined according to the
following weights: