General Information
Instructor
Teaching Assistant
Overview
The objectives of this course consist of developing a solid understanding of fundamental principles of the security field and building knowledge of tools and mechanisms to safeguard a wide range of software and computing systems. It is intended for upper-level undergraduate and graduate students, and a tentative list of the covered topics is: cryptographic background and tools; access control; authentication; software security, malware; Internet security protocols and standards (SSL/TLS, IPsec, secure email); intrusion detection and intrusion prevention systems (firewalls); database security; privacy; identity management; security management and risk assessment; legal and ethical aspects (cybercrime, intellectual property)
Downloads: Course Syllabus
Tentative Schedule
| Date | Topic | Notes |
|---|---|---|
| Week-1 Class-1 8/28 | Overview I | 1. Read CSE and UB academic integrity policies and procedures and finish the quiz on UBLearns. 2. Read Chapter 1. |
| Week-1 Class-2 8/30 | Overview II | |
| Week-2 Class-1 9/04 | === Labor Day Observed No class === | |
| Week-2 Class-2 9/06 | Crypto Tools I (chap 2, 20) | |
| Week-3 Class-1 9/11 | Crypto Tools II (chap 2, 21) | Assignment 1 Release |
| Week-3 Class-2 9/13 | Crypto Tools III (chap 2.4, 2.5) | |
| Week-4 Class-1 9/18 | Authentication (chap 3) | Project 1 due (Secret-Key Encryption) |
| Week-4 Class-2 9/20 | Access Control I (chap 4) | Assignment 1 Due |
| Week-5 Class-1 9/25 | Access Control II (chap 4) | |
| Week-5 Class-2 9/27 | Database Security (chap 5) | Assignment 2 Release |
| Week-6 Class-1 10/02 | Malicious Software (chap 6) | |
| Week-6 Class-2 10/04 | Network Security I: network concepts (chap 7, 22) | Project 2 due (SQL Injection Attack) |
| Week-7 Class-1 10/09 | === Fall Break No class === | AI Quiz due, Assignment 2 Due |
| Week-7 Class-2 10/11 | *** Midterm Exam *** | Knox 20 |
| Week-8 Class-1 10/16 | Network Security II: Dos attack (chap 7, 22) | |
| Week-8 Class-2 10/18 | Network Security III: DNS attack (chap 8, 9) | |
| Week-9 Class-1 10/23 | Network Security IV: Firewalls, Tunnels, and IDS (chap 9) | Assignment 3 Release |
| Week-9 Class-2 10/25 | Operating System Security (chap 12) | Project 3 due (Packet Sniffing and Spoofing Lab) |
| Week-10 Class-1 10/30 | Software Security I (chap 11) | |
| Week-10 Class-2 11/01 | Software Security II: buffer overflow | Survey 1 (Topic: Deep Learning Model Security) due |
| Week-11 Class-1 11/06 | Software Security III: buffer overflow | Assignment 3 Due |
| Week-11 Class-2 11/08 | Software Security IV: buffer overflow | |
| Week-12 Class-1 11/13 | AI Security I | Invited talk |
| Week-12 Class-2 11/15 | AI Security II | Invited talk |
| Week-13 Class-1 11/20 | Software Security V: buffer overflow defense | |
| Week-13 Class-2 11/22 | === Thanksgiving Break === | Project 4 due (Chapter 10 Buffer-Overflow Attack Lab (Set-UID Version)) |
| Week-14 Class-1 11/27 | Mobile Platform and IoT Security | Assignment 4 Release |
| Week-14 Class-2 11/29 | Microarchitectural Attacks | |
| Week-15 Class-1 12/04 | Embedded System Security | Invited talk, Project 5 due(Adversarial Attack on AI Model Lab Instruction, Lab Colab) |
| Week-15 Class-2 12/06 | Review | Assignment 4 Due |
| Final Exam 12/11 6:30PM-7:50PM | *** Final Exam *** | Knox 20 |
Resources
Required textbook:- William Stallings and Lawrie Brown, Computer Security: Principles and Practice, 5th edition, Pearson, 2024.
- Charles Pfleeger and Shari Pfleeger, Security in Computing.
- William Stallings, Cryptography and Network Security, Principles and Practice.
- Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World.
- Edward Skoudis and Tom Liston, Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses.
- Ross Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems.