CS 370 :: Spring 2024 :: Introduction to Security

Textbooks

No required textbook. Reading materials will be provided on the course website /or distributed in class.

Prerequisites

This course requires a basic understing of computer systems Linux. Please consider taking those courses first:

  • CS 344 :: Operating Systems I
  • CS 312 :: Linux System Administration (recommended)

Grading

Your final grade for this course will be based on the following scheme:

  • 70%: Micro-labs [Details]
  • 30%: Quizzes 1-3
  • No midterm/final exam.

  • [Bonus] +9%: Extra point opportunities
    • +3%: Registration (CTF servers)
    • +2%: Practice of using E2EE
    • +2%: Class contributions
    • +2%: Write a Micro-lab write-up using ChatGPT

Latest Announcements [Full List]

Schedule

This is a tentative schedule; subject to change depending on the progress. b>
Date Topics Notice Assignments
Overview Security Principles
Tue.
04/02		 Course Introduction [Slides]
Part I: Cryptography
Thu.
04/04		 Cryptography Basics [Slides] [Due] Week 0: Registration to the course server
Tue.
04/09		 Block Cipher
Symmetric Encryption 		[Slides]
Thu.
04/11		 Block Cipher
Symmetric Encryption (cont'd) 		[Slides]
Tue.
04/16		 Digital Signatures
Cryptographic Hash (MD5/SHA)
Message Authentication Code (MAC) 		[Slides] [Open] Quiz 1
Thu.
04/18		 Micro-lab [No lecture] Sanghyun will be on Zoom; holding office hours for micro-labs!
Part II: Network Security
Tue.
04/23		 Public-key Infrastructure (PKI)
Digital Certificates 		[Slides] [Due] Quiz 1
Thu.
04/25		 Digital Certificates (cont'd)
Diffie--Hellman 		[Slides] [Due] Micro-labs: Crypto challenges
Tue.
04/30		 Secure Socket Layer (SSL)
Transport Layer Security (TLS)
Man-in-the-Middle (MITM) 		[Slides]
Thu.
05/02		 Micro-lab [No lecture] Sanghyun will be on Zoom; holding office hours for micro-labs!
Part III: Internet Security
Tue.
05/07		 Web Security I
(Password, SQL Injection,
Same-origin Policy) 		[Slides] [Fun] Darknet Diaries, Ep 133: I'm the Real Connor
Thu.
05/09		 Web Security II
(Same-origin Policy - cont'd
XSS, Cookies, CSRF) 		[Slides]
Tue.
05/14		 Web Security III
(UI attacks, Frame busting) 		[Slides] [Open] Quiz 2
Thu.
05/16		 Micro-lab [No lecture] Sanghyun will be on Zoom; holding office hours for micro-labs!
Part IV: Software Security
Tue.
05/21		 Preliminaries
(adapted from the UCB's CS161) 		[Slides] [Due] Quiz 2
Thu.
05/23		 Software attacks
Mem. safety vulnerabilities I 		[Slides] [Due] Micro-labs: Internet sec challenges
Tue.
05/28		 Software attacks
Mem. safety vulnerabilities II 		[Slides]
Thu.
05/30		 Micro-lab [No lecture] Sanghyun will be on Zoom; holding office hours for micro-labs!
Part V: Safe and Secure Machine Learning
Tue.
06/04		 Trustworthy ML I
(Adversarial attacks
Data poisoning) 		[Slides]
Thu.
06/06		 Trustworthy ML II
(Data poisoning - cont'd
Privacy attacks) 		[Slides] [Due] Micro-lab: Software security challenges
[Open] Quiz 3
Tue.
06/11		 Micro-lab [No lecture] Sanghyun will be on Zoom; holding office hours for micro-labs!
Finals Week (06/19 - 06/23)
Thu.
06/13		 - [No Lecture] [Due] Micro-lab: Trustworthy machine learning challenges
[Due] Quiz 3
[Due] Finish all the labs (late submissions)