COMP 535   Introduction to Computer Security

Instructor Mike Reiter
Office hours: 10-11am on Tuesdays except where noted below
Location: Brooks Building 350
Teaching assistant Erik Persson
Office hours: Thursdays 5-6pm and Fridays 11am-noon
Location: Brooks Building 352
Location Brooks Building 009
Meeting times 11:15am-12:30pm on the Mondays and Wednesdays indicated below
Resources Syllabus

Course schedule (subject to change)

Note: Class meets on days/dates in boldface.
Wk Day Date Topic Reading Comments
1 We Jan 10 Course introduction [slides] ITS Policies, Procedures and Guidelines
60 Minutes segment on Stuxnet
The Mandiant report on APT1 discussed in class
 
3 Mo Jan 22 Code injection attacks and countermeasures [slides] Younan et al., 2012 Homework 1
  We Jan 24 Code injection attacks and countermeasures (cont.)
Java security [slides]
   
4 Mo Jan 29 Java security (cont.)    
  We Jan 31 Other software vulnerabilities [slides] Weinberger et al. 2011 Homework 2
5 Mo Feb 5 Authentication and access control in distributed systems [slides] Lampson et al. 1992, except Section 4 Homework 1 due
  We Feb 7 Authentication and access control in distributed systems (cont.) [optional] a paper that uses the logic (see Sec. 4.1 for an example) ...
[optional] ... and another one
 
6 Mo Feb 12 Authentication and access control in distributed systems (cont.)   Homework 2 due
  We Feb 14 Authentication and access control in distributed systems (cont.)   Quiz 1
7 Mo Feb 19 Cryptography [slides]    
  We Feb 21 Cryptography (cont.) Lenstra & Verhuel 1999, except for discussion of "elliptic curve" crypto
[optional] a site for comparing different methods for choosing key lengths
 
8 Mo Feb 26 Cryptography (cont.)    
  We Feb 28 Cryptography (cont.)   Quiz 2
9 Mo Mar 5 Review session    
  We Mar 7 Exam    
11 Mo Mar 19 Authentication and key exchange protocols [slides] Abadi & Needham 1996
  We Mar 21 Authentication and key exchange protocols (cont.)    
12 Mo Mar 26 Exam review and TLS [slides]   Homework 3
  We Mar 28 Firewalls and related technologies [slides]    
13 Mo Apr 2 Firewalls and related technologies (cont.)   Homework 3 due
Homework 4
  We Apr 4 Firewalls and related technologies (cont.)    
14 Mo Apr 9 Traffic analysis defense [slides] Chaum 1981
Owen & Savage 2015
 
  We Apr 11 Traffic analysis defense (cont.)   Quiz 3
15 Mo Apr 16 Chosen ciphertext security [slides] Vaudenay 2002 Homework 4 due
  We Apr 18 Passwords [slides] Florencio & Herley 2014  
16 Mo Apr 23      
  We Apr 25 Review    
  Tu May 8 Final exam (noon-3pm)