CS 294: Advanced Topics in Computer Security
|Soda Hall 310
In this class, we will first explore the context and some
foundational questions of security research and practice in general,
such as why are some security technologies deployed and others fail,
how we measure security and assess risk, and the economics of
security. We will also learn to have an attacker's mind by studying
various recent attacks. These questions and studies will help the
students develop a foundation and a well-rounded view for security research.
With this foundation, we will then cover some of the state-of-the-art
research results and on-going research activities in a number of
topics in software security, web security, security and privacy issues
in cloud computing, mobile devices and networks, and medical devices
and systems. We will explore how to define and address security
research questions in these settings. In particular, we will discuss
new threats emerged from these new platforms and applications such as
web2.0, the rich cloud and mobile platforms, and medical systems, study
various analysis techniques and tools for vulnerability discovery and
threat analysis, and explore approaches for building in better
security in these platforms and applications.
This class is particularly suited to students who are interested in
learning about current research activities and conducting
research projects in computer security.
Here's the course schedule and reading list.
15% Class particpation
15% Reading notes and critique
15% Scribe notes
20% Project 1
35% Project 2
The template for scribe notes is here with the Makefile. Pls read the comments in the beginning of the file to follow the naming convention for your files. Thanks!
Weekly written assignments based on the readings can be found on the course schedule and reading list page. These assignments should be turned in by 5pm on Wednesday (the day before class). Students should submit a hard copy to Dawn's office (675 Soda), as well as email a copy to email@example.com. It's important that you finish these assignments on time, since we will discuss the questions during class.
No prerequisite for graduate students, although sufficient security background is expected. For undergraduate students, please check with the instructor.
- Class style:
This course will be mostly lecture
and in-class discussion oriented. The course is divided into three
topics as outlined above. The instructor will provide
context for each topic, introduce the core techniques, and
lead in-class discussions on challenging issues and open research
Some lectures have required reading, and other lectures have
supplemental readings for those interested in more in-depth learning.
- Intended audience:
This course is intended for
graduate students interested in research in computer security. Both first year graduate
students and more senior graduate students are welcome.
- Relationship with CS261:
This course and CS261
have no overlap in terms of materials covered in class. CS261 aims to
provide an introduction to basic concepts in computer security,
whereas this course focuses on more advanced computer security
research and aims to
introduce students to the most recent results and open research
questions in selected areas.