Course Syllabus
Instructor:
Prof. Zhou Li (Engineering Hall 3227)
Course Info:
Tue, Thu 11:00AM - 12:20PM, SSTR 101 (now DBH 1200)
Office hour: Thu 2pm-4pm (by appointment if needed)
Prerequisite:
Basic knowledge of OS, network and applications.
Knowledge of a programming language, especially C.
Course Description:
This course will teach the principles and practices of system security as applied to the software, network, and hardware layers. It covers the foundations and techniques of analyzing the security of systems and building secure systems.
Main questions to be discussed in this lecture:
- What does a real-world cyber-attack look like?
- What techniques are available to make systems secure?
- What security and privacy principles should we follow?
- What is new in the research domain?
What are we going to do during this lecture:
- We will follow some chapters of the textbook.
- Beyond the content from the textbook, I'll give lectures about recent developments in the research domain, like formally verified OS kernels, adversarial machine learning and trusted execution environments (TEEs).
- Students will work on projects, either re-implementing well-known attack methods or building detection/mitigation models to address the attacks.
Textbook:
Security in Computing, 5th edition
Course Policies:
- Attendance at lecture and discussion sections is required. It is the student's responsibility to make prior arrangements with the instructor for any absence known in advance.
- Assignments are listed on the "Assignments" page. They are assigned on a weekly or bi-weekly basis and the due dates are indicated during lectures. You are encouraged to discuss with other students and refer to course materials, but you need to write down your own answers/code.
- Late policies: Homework turned in after the due date/time will not be graded and will receive no credit. Make-up assignments can only be arranged for absence due to medical (or similar) reasons. Proper documentation is required. Caveat: You will have one chance (only one!) to submit an assignment late without asking for permission (no later than 24 hours).
- Academic Honesty: The complete policy statement on academic honesty is published in the UCI Schedule of Classes. Under no circumstances are students allowed to work together on any of the examinations. Cheating is a dishonest representation of the course work, including but not limited to cheating on an exam, fraudulently presenting lab exercises or assignments by someone else as one's own, or getting someone else to take the course. It is a serious academic offense that will not be tolerated. Cheaters can expect to receive a failing grade and will be punished under University regulations.
Grading Policies:
Assignments | 40% |
Attendance, survey and quiz | 20% |
Project report and presentation | 40% |
Guidelines to Course Project:
Course Slides
Tentative Class Schedule:
- Week 1: Class Introduction & basic security principles, crypto basics (textbook chapter)
- Week 2: Crypto basics (textbook chapter)
- Week 3: Software vulnerabilities (textbook chapter)
- Week 4: Code analysis and fuzzing (advanced topic)
- Week 5: System security and machine learning (advanced topic)
- Week 6: Network security (textbook chapter)
- Week 7: OS Security and seL4 (advanced topic)
- Week 8: IoT/CPS security, hardware security and Intel SGX (advanced topic)
- Week 9: Privacy (textbook chapter)
- Week 10: Course summary, trends of security research, and project presentation
Detailed Class Schedule:
Week | Date | Topic | Comment |
1 | 01/08/2019 | Intro | Textbook chapter 1 |
1 | 01/10/2019 | Authentication | Textbook chapter 2.1 & 2.2 |
2 | 01/15/2019 | Access Control & Cryptography | Textbook chapter 2.2 & 2.3 & 12; MAC & DAC, BLP & Biba |
2 | 01/17/2019 | Cryptography | Textbook chapter 2.3 & 12; One-time pad; Block cipher encryption modes; Diffie-Hellman Key Exchange |
3 | 01/22/2019 | Cryptography, Software vulnerabilities & Malicious software | Textbook chapter 3; Heap Overflow; Use-after-free |
3 | 01/24/2019 | Software vulnerabilities & Malicious software | Textbook chapter 3; DEP; ASLR; |
4 | 01/29/2019 | Software vulnerabilities & Malicious software; Automated tools for software vulnerability discovery | CFI [1] [2]; Static & dynamic analysis [1] [2] |
4 | 01/31/2019 | Automated tools for software vulnerability discovery | Static & dynamic analysis [1] [2] |
5 | 02/05/2019 | Machine learning for security | Stanford notes; URL classification; Malware detection; Spam detection; Graph analytics |
5 | 02/07/2019 | Security of machine learning | Adversarial machine learning [1] [2] [3] |
6 | 02/12/2019 | Mid-term project presentation | |
6 | 02/14/2019 | Network security | Textbook chapter 6 |
7 | 02/19/2019 | Network security | Textbook chapter 6 |
7 | 02/21/2019 | OS Security | Textbook chapter 5 |
8 | 02/26/2019 | IoT (guest lecture by KJ Lin) | |
8 | 02/28/2019 | IoT Security and Privacy | |
9 | 03/05/2019 | Hardware security | Intro to TPM [1]; ARM TrustZone [1]; Intel SGX [1] |
9 | 03/07/2019 | Hardware security | Cache side-channel attack [1]; Meltdown and Spectre [1]; Row hammer [1]; Power analysis [1] |
10 | 03/12/2019 | Project final presentation | |
10 | 03/14/2019 | Project final presentation | |