CS279 - Advanced Topics in Security

Abstract

Computer security issues have become increasingly important, as the Internet
has become the infrastructure that supports the economy, critical services,
and our social life.

To address the ever-changing set of security issues that affect applications,
operating systems, and networks, it is necessary to understand the details of
both the vulnerabilities that make security compromises possible and the
countermeasures that are required to detect and block the attacks that exploit
these vulnerabilities.

This course focuses on how to analyze the security of a computer system.
Therefore, this course will present concepts and approaches that allow one
evaluate the security posture of applications and services.

The course mixes a practical, hands-on approach with a discussion of the
current research in the field. Participants will learn how vulnerabilities are
found and how these vulnerabilities can be exploited to compromise the
security of a system. This knowledge is a fundamental prerequisite for the
correct design of protection mechanisms. The course includes also live
security exercises in a protected environment, where the knowledge about both
attack and defense techniques is validated in the field.

The course also addresses and discusses in depth the ethical issues associated
with vulnerability analysis.

Prerequisites

The course requires very good programming/development skills (C/C++,
Python), a solid background in operating systems (especially GNU/Unix), and
some basic knowledge about networks.

Instructor

Giovanni Vigna

Office: Harold Frank Hall 2159

Class Schedule: Tuesdays and Thursdays, 9:00 am to 10:50 am in Phelps 2510

Office Hours: By appointment

Teaching Assistant

To be determined.

Contacting the instructor/TA

The instructor and the TA can be contacted by sending an
email to the cs279-admin mailing list

Every student must have a CS account and must subscribe to
the cs279-users mailing list.
The mailing list will
be used to distribute last-minute information about the
class.

Topics

Course materials

The course does not have a textbook.

Several of the topics covered during the course will be
supported by material distributed by the instructor.

Course requirements

There will be homework assignments, a midterm, and a
final. In addition, students will participate in a
live security exercises.

The final grade will be determined according to the
following weights: