CS7580 Fall 2018

Special Topics in Offensive Security is a graduate course that explores the tools and techniques used to attack systems, networks, and software. The course goals are the following:

  • Provide both theoretical and working knowledge of popular vulnerability classes and how to exploit them
  • Enumerate deployed defense classes and how to bypass them
  • Examine techniques for discovering 0-day vulnerabilities and developing proof-of-concept exploits
  • Provide hands-on experience in the stages of typical attack campaigns

Topics covered by this course include:

  • Security foundations
  • Memory corruption
  • Reverse engineering
  • Fuzzing
  • Reconnaissance
  • Privilege escalation
  • Attack persistence
  • Data exfiltration

CS6740 Spring 2018

Network Security is a mixed undergraduate/graduate course that explores the practical elements of securing networked systems and services. The course goals are the following:

  • Provide a solid understanding of the design and analysis of network security architectures, protocols, and services
  • Provide an in-depth examination of contemporary network security standards and their limitations
  • Provide hands-on experience in attacking and defending network services

Topics covered by this course include:

  • Security foundations
  • Attacks against the network stack
  • Wireless security
  • Naming and routing
  • Distributed systems and consensus
  • Privacy and anonymity
  • Web security
  • Malware and malware analysis

CS5770 Spring 2017

Software Vulnerabilities and Security is a graduate course covering common software programming, configuration, and design mistakes, and how to avoid them. The goals of the course are the following:

  • Examine major vulnerability classes introduced in various software domains and levels of the software stack
  • Understand effective techniques for defending against exploitation in situ
  • Understand approaches for detecting the presence of vulnerabilities during development and deployment
  • Gain hands-on experience in attacking and defending vulnerable software

Examples of topics covered by this course include:

  • Memory corruption
  • Web security
  • Intrusion detection
  • Reverse engineering and binary analysis
  • Static and dynamic vulnerability discovery
  • Malware classification and triage

CS7580 Fall 2016

Special Topics in Security explores recent research and unsolved problems in systems, network, software, and hardware security. The goals of the course are the following:

  • Expose students to the latest attacks and proposed defenses
  • Encourage students to critically evaluate recent research
  • Propose and discuss new approaches to security

Examples of topics covered by this course include:

  • Cyber-physical systems
    • Internet of Things
    • Autonomous systems
    • Industrial control systems
  • Algorithmic complexity attacks
  • Side channels and covert channels

CS5770 Spring 2016

Software Vulnerabilities and Security is a graduate course covering common software programming, configuration, and design mistakes, and how to avoid them. The goals of the course are the following:

  • Examine major vulnerability classes introduced in various software domains and levels of the software stack
  • Understand effective techniques for defending against exploitation in situ
  • Understand approaches for detecting the presence of vulnerabilities during development and deployment
  • Gain hands-on experience in attacking and defending vulnerable software

Examples of topics covered by this course include:

  • Memory corruption
  • Web security
  • Intrusion detection
  • Reverse engineering and binary analysis
  • Static and dynamic vulnerability discovery
  • Malware classification and triage

CS5770 Fall 2015

Software Vulnerabilities and Security is a graduate course covering common software programming, configuration, and design mistakes, and how to avoid them. The goals of the course are the following:

  • Examine major vulnerability classes introduced in various software domains and levels of the software stack
  • Understand effective techniques for defending against exploitation in situ
  • Understand approaches for detecting the presence of vulnerabilities during development and deployment
  • Gain hands-on experience in attacking and defending vulnerable software

Examples of topics covered by this course include:

  • Memory corruption
  • Web security
  • Intrusion detection
  • Reverse engineering and binary analysis
  • Static and dynamic vulnerability discovery
  • Malware classification and triage

CS5770 Spring 2015

Software Vulnerabilities and Security is a graduate course covering common software programming, configuration, and design mistakes, and how to avoid them. The goals of the course are the following:

  • Examine major vulnerability classes introduced in various software domains and levels of the software stack
  • Understand effective techniques for defending against exploitation in situ
  • Understand approaches for detecting the presence of vulnerabilities during development and deployment
  • Gain hands-on experience in attacking and defending vulnerable software

Examples of topics covered by this course include:

  • Memory corruption
  • Web security
  • Intrusion detection
  • Reverse engineering and binary analysis
  • Static and dynamic vulnerability discovery
  • Malware classification and triage

CS3740 Fall 2014

CS3740 is an undergraduate introduction to the principles of computer security. The goals of the course are the following:

  • Introduce the fundamental principles of designing and implementing secure programs and systems
  • Present and analyze prevalent classes of attacks against systems - Discuss techniques for identifying the presence of vulnerabilities in system design and implementation, preventing the introduction of or successful completion of attacks, limiting the damage incurred by attacks, and recovering from system compromises
  • Present the ethical considerations of security research and practice

This course offers opportunities for hands-on practice of real-world attack and defense in several domains, including systems administration, the Web, and mobile devices.

CS4740 Fall 2014

CS4740/6740 is a mixed undergraduate and graduate-level course on network security covering a diverse range of topics at all layers of the networking stack, from physical to application-level security. The course focuses on the intersection between systems security principles and networking, from abstract models to their application in systems code, the Web, and mobile platforms. There is a pronounced emphasis on practical techniques for both defending and attacking systems in support of the high-level goal to impart the “attacker’s mindset.”

CS3740 Spring 2014

CS3740 is an undergraduate introduction to the principles of computer security. The goals of the course are the following:

  • Introduce the fundamental principles of designing and implementing secure programs and systems
  • Present and analyze prevalent classes of attacks against systems - Discuss techniques for identifying the presence of vulnerabilities in system design and implementation, preventing the introduction of or successful completion of attacks, limiting the damage incurred by attacks, and recovering from system compromises
  • Present the ethical considerations of security research and practice

This course offers opportunities for hands-on practice of real-world attack and defense in several domains, including systems administration, the Web, and mobile devices.