CS177: Computer Security

Introduction


We are living in a world that has increasingly moved online. We shop and bank via the Internet, share information with family and friends via social networks, and stream the latest movies. We have put devices into our homes that listen to what we say and control real-world "things," such as light bulbs and door locks. And, increasingly, we have connected critical infrastructure to the Internet as well. These changes have resulted in many novel services, and they provide great convenience. Unfortunately, this reliance on networked computer systems has also a downside. Attackers continuously exploit vulnerabilities and gain access to our systems, stealing money and sensitive data. We are tracked online, and our private information is leaked. Cyberattacks now have consequences in the real world and disrupt our daily lives.

Computer security deals with the protection of computer systems and information from harm, theft, and unauthorized use. In this course, we will look at a broad overview of modern computer security, covering topics that are related to both systems security and cryptography. The class will start with basic definitions and fundamental concepts in security. We will then look at the security of core components of interconnected systems, such as networks, operating systems, applications, and the world wide web. We will also introduce basic concepts from cryptography, such as public and private key encryption, digital signatures, passwords, and authentication.

The course aims to make students security aware. That is, the goal is to help students understand what they can do to design and build more secure systems. What are common programming mistakes, and how can we avoid them? What are key considerations that we need to think about when designing secure systems? Following a long-standing tradition in security courses, there is no official textbook: security is a (too) fast moving field. We will provide the slides for the lectures. In addition, there will be a number of practical lab assignments where students can apply their theoretical knowledge to practical problems.

News


  • We plan to use Zoom for all lectures and discussion sessions. In order to distribute the necessary dial-in information, please sign up for the class on Piazza as soon as possible. We hope to use this message board to efficiently distribute important announcements and updates. Also, we plan to create a Slack channel for this class, and we need your email addresses to be able to invite you there.
  • In response to COVID-19, UCSB is transitioning to remote instruction for the spring quarter. This means that all lectures and office hours will be held remotely. I understand that this is a difficult situation, but I also hope that, together, we can work through it. Please check back for additional information on how we will run the class as we get closer to the start of the new quarter. In the meantime, please check the COVID-19 website for the latest information that the campus has available.

General Information


Lectures:Mon/Wed, 2:00pm - 3:15pmOnline
Instructor:Christopher Kruegelchris (at) cs.ucsb.edu
Office hours:Wed, 3:30pm - 4:30pmOnline
TA Lab hours:Lukas DreselThursday, 1pm - 4pm
Dongyu (Hector) MengTuesday, 1pm - 4pm
Hojjat AghakhaniFriday, 10am - 1pm
Discussion BoardPiazza
Class Emailcs177 (at) cs.ucsb.edu

Grading Policy


The grading for CS177 is based on two exams (midterm and final) and several programming projects.

Projects50%
Exams (Midterm and Final)50%

Project Submission and Late Policy


Project assignments are due at 11:59:59PM on the night it is due. For details on how to submit your assignments, you should read the project pages.

Policy on Cheating and Plagiarism


A note on cheating. We encourage you to talk with your classmates and discuss your approaches on projects, but any actual copying of code is cheating. Cheating will result in a 0 on the assignment, and depending on severity, can result in a failing grade or possible administrative action by UCSB.