CS 161: Computer Security

Announcements:

  • Homework 2 is due Friday, September 24, 11:59 PM PT.
  • Project 1 is due Friday, September 24, 11:59 PM PT.
  • Lectures are online-only for at least the first half of the semester.
  • We are live-streaming lecture in Lewis 100 during normal lecture time. See @123 for details.

Instructors: Raluca Ada Popa and Nicholas Weaver

Lecture: Monday, Wednesday, Friday, 10:00 AM–11:00 AM PT, 100 Lewis and online

Skip to current week

Date Readings Lecture Discussion HW Project
Wed
08/25

Introduction

  1. Slides
    Recording
No discussion HW1
Fri
08/27

1. Security Principles

  1. Slides
    Recording
Mon
08/30

2. x86 Assembly and Call Stack

Reference - x86/GDB Cheat Sheet

  1. Slides
    Recording
61C Review, Security Principles
(solutions)

Project 1

Wed
09/01

3. Memory Safety Vulnerabilities

  1. Slides
    Recording
Fri
09/03

(continued)

  1. Slides
    Recording
Mon
09/06

Holiday (Labor Day)

No lecture Memory Safety
(solutions)
HW2
Wed
09/08

(continued)

4. Mitigating Memory Safety Vulnerabilities

  1. Slides
    Recording
Fri
09/10

(continued)

  1. Slides
    Recording
Mon
09/13

(continued)

5. Introduction to Cryptography

  1. Slides
    Recording
Memory Safety Mitigations
(solutions)
Wed
09/15

6. Symmetric-Key Cryptography

  1. Slides
    Recording
Fri
09/17

(continued)

  1. Slides
    Recording
Mon
09/20

7. Cryptographic Hashes

Symmetric Cryptography HW3
Wed
09/22

8. Message Authentication Codes (MACs)

Fri
09/24

9. Pseudorandom Number Generators (PRNGs)

10. Diffie-Hellman Key Exchange

Mon
09/27

11. Public-Key Encryption

Asymmetric Cryptography

Project 2 Design

Wed
09/29

12. Digital Signatures

Fri
10/01

13. Certificates

14. Passwords

15. Case Studies

Mon
10/04

16. Bitcoin

Midterm Review HW4
Wed
10/06

17. SQL Injection

Thu
10/07

Midterm (7:00 PM–9:00 PM PT)

Fri
10/08

18. Introduction to Web

19. Same-Origin Policy

Mon
10/11

20. Cookies and Session Management

Cookies and CSRF
Wed
10/13

21. Cross-Site Request Forgery (CSRF)

Fri
10/15

22. Cross-Site Scripting (XSS)

Mon
10/18

23. UI Attacks

24. CAPTCHAs

SQL Injection and XSS

Project 2

Wed
10/20

25. Introduction to Networking

Fri
10/22

26. ARP

27. WPA

Mon
10/25

28. DHCP

29. BGP

UI Based Attacks and Privacy HW5
Wed
10/27

30. TCP and UDP

Fri
10/29

31. TLS

Mon
11/01

(continued)

TLS and TCP
Wed
11/03

32. DNS

Fri
11/05

33. DNSSEC

Mon
11/08

(continued)

DNS HW6
Wed
11/10

34. Denial-of-Service (DoS) Attacks

Fri
11/12

35. Firewalls

Mon
11/15

36. Intrusion Detection

Intrusion Detection

Project 3

Wed
11/17

37. Abusing Intrusion Detection

Fri
11/19

38. Malware

Mon
11/22

39. Anonymity and Tor

No discussion HW7
Wed
11/24

Holiday (Thanksgiving)

No lecture
Fri
11/26

Holiday (Thanksgiving)

No lecture
Mon
11/29

Buffer or Optional Special Topics

Special Topics
Wed
12/01

Buffer or Optional Special Topics

Fri
12/03

Buffer or Optional Special Topics

Mon
12/06

RRR week

No lecture Final Review
Wed
12/08

RRR week

No lecture
Fri
12/10

RRR week

No lecture
Mon
12/13

Final exam (8:00 AM–11:00 AM PT)