CS370 :: Sp23 :: Introduction to Security

CS 370 :: Spring 2023 :: Introduction to Security

Textbooks

No required textbook. Reading materials will be provided on the course website and/or distributed in class.

Prerequisites

This course requires a basic understanding of computer systems and Linux. Please consider taking those courses first:

CS 344 :: Operating Systems I
CS 312 :: Linux System Administration (recommended)

Grading

Your final grade for this course will be based on the following scheme:

70%: Micro-labs [Details]
30%: Quizzes 1-3
No midterm/final exam.

[Bonus] +9%: Extra point opportunities

+3%: Registration (CTF servers)
+2%: Practice of using E2EE
+2%: Class contributions
+2%: Write a Micro-lab write-up using ChatGPT

Latest Announcements [Full List]

[Active] 04/03/23: Welcome to CS 370 Introduction to Security!

Schedule

This is a tentative schedule; subject to change depending on the progress.

Date	Topics	Notice	Micro-labs
Overview and Security Principles
Tue. 04/04	Course Introduction	[Slides]
Part I: Cryptography
Thu. 04/06	Cryptography Basics	[Slides]	[Due] Week 0: Registration to the course server
Tue. 04/11	Block Cipher and Symmetric Encryption (DES/AES)	SH's Business Travel [Recording \| Slides]
Thu. 04/13	-	SH's Business Travel [No lecture]
Tue. 04/18	Block Cipher (cont'd)	[Slides]
Thu. 04/20	Asymmetric Encryption, Digital Signatures, Cryptographic Hash (MD5/SHA), Message Authentication Code (MAC)	[Slides]	[Open] Quiz 1
Part II: Network Security
Tue. 04/25	Public-key Infrastructure (PKI), Digital Certificates	[Slides]
Thu. 04/27	Digital Certificates (more), Diffie--Hellman	[Slides]	[Due] Week 1-3: Cryptography challenges [Due] Quiz 1
Tue. 05/02	Secure Socket Layer (SSL) Transport Layer Security (TLS) Man-in-the-Middle (MITM)	[Slides]
Thu. 05/04	-	SH's Business Travel [No lecture]
Part III: Internet Security
Tue. 05/09	Web Security Basics (Password and SQL Injection)	[Slides]	[Fun] Darknet Diaries, Ep 133: I'm the Real Connor
Thu. 05/11	Advanced Web Security I (Same-origin policy)	[Slides]
Tue. 05/16	Advanced Web Security II (Same-origin policy - cont'd, XSS, Cookies, and CSRF)	[Slides]
Tue. 05/18	Advanced Web Security III (UI attacks, Frame busting)	[Slides]
Part IV: Software Security
Tue. 05/23	-	SH's Business Travel [No lecture]	[Open] Quiz 2
Thu. 05/25	Preliminaries (adapted from the UCB's CS161)	SH's Business Travel [Recording \| Slides]
Thu. 05/30	Software attacks Mem. safety vulnerabilities I	[Slides]	[Due] Week 5-6.5: Internet security challenges [Due] Quiz 2
Tue. 06/01	Software attacks Mem. safety vulnerabilities II	[Slides]
Part V: Trustworthy Machine Learning
Tue. 06/06	Adversarial attacks Data poisoning	[Slides]
Thu. 06/08	Data poisoning (cont'd) Privacy attacks	[Slides]	[Due (on 6/9)] Week 7-8: Software security challenges [Open] Quiz 3
Part VI: Usable Security (and Privacy)
Tue. 06/13	Password Authentication Censorship evasion	[No lecture] [Paper I \| Paper II]
Finals Week (06/19 - 06/23)
Thu. 06/15	-	[No Lecture]	[Due] Week 9: Trustworthy machine learning challenges [Due] Quiz 3 [Due] Finish all the labs (late submissions)

CS 370 :: Spring 2023 :: Introduction to Security

Home

Syllabus

Micro-labs

References

Textbooks

Prerequisites

Grading

Latest Announcements [Full List]

Schedule