CSC 495/583 Advanced Topics in Computer Security
Attack/Defense, Risk Analysis and more
2018-Spring Course Website
In this class, we will first explore the context and some foundational questions of security research and practice in general, such as why are some security technologies deployed and others fail, how we measure security and assess risk and the economics of security. We will also learn to have an attacker's mind by studying various recent attacks. These questions and studies will help the students develop a foundation and a well-rounded view of security research. With this foundation, we will then cover some of the state-of-the-art research results and on-going research activities in some topics in software security, web security, security and privacy issues in cloud computing, mobile devices and networks, and IoT devices and systems. We will explore how to define and address security research questions in these settings. In particular, we will discuss new threats emerged from these new platforms and applications such as AR and VR, the rich cloud and mobile platforms, and IoT and Blockchain systems, study various analysis techniques and tools for vulnerability discovery and threat analysis, and explore approaches for building in better security in these platforms and applications. This class is particularly suited to students who are interested in learning about current research activities and conducting research projects in computer security.
Syllabus is now available: [link]
No prerequisite for graduate students, although sufficient security background is expected. For undergraduate students, please make sure you completed CSC 302 or check with the instructor.
- Randal E. Bryant, Davie Richard O'Hallaron, Computer Systems: A Programmer's Perspective, 3rd Edition, ISBN 978-0134092669
- Wenliang Du, Computer Security: A Hands-on Approach, ISBN 978-1548367947
Schedule for Presentations