Instructor: J. Alex Halderman
Course Homepage: http://www.eecs.umich.edu/courses/eecs588/

Coverage
This course covers foundational work and current topics in computer systems security. We will read research papers and discuss attacks and defenses against operating systems, client-side software, web applications, and IP networks. Students will be prepared for research in computer security and for security-related research in other subfields, and they will gain hands-on experience designing and evaluating secure systems.

Syllabus
Part 1: Building Blocks
The security mindset, thinking like an attacker, reasoning about risk, research ethics
Symmetric ciphers, hash functions, message authentication codes, pseudorandom generators
Key exchange, public-key cryptography, key management, the SSL protocol
Part 2: Software Security
Exploitable bugs: buffer overflows and other common vulnerabilities – attacks and defenses
Malware: viruses, spyware, rootkits – operation and detection
Automated security testing and tools for writing secure code
Virtualization, sandboxing, and OS-level defenses
Part 3: Web Security
The browser security model
Web site attacks and defenses: cross-site scripting, SQL injection, cross-site reference forgery
Internet crime: spam, phishing, botnets – technical and nontechnical responses
Part 4: Network Security
Network protocol security: TCP and DNS – attacks and defenses
Policing packets: firewalls, VPNs, intrusion detection
Denial of service attacks and defenses
Wireless and mobile device security
Data privacy, anonymity, censorship, surveillance
Part 5: Advanced Topics
Hardware security – attacks and defenses
Trusted computing and digital rights management
Electronic voting – vulnerabilities, cryptographic voting protocols
Physical security – locks and safes