CMPSCI 177: Computer Security and Privacy
Class Syllabus
Overhead Transparencies
Introduction (pdf)
Digital Rights Management (pdf)
Cryptography (pdf)
DES Figures (pdf)
SQL Injection and Cross-site Scripting Attacks (pdf)
Security Principles (pdf)
Authentication (pdf)
Malware (pdf)
Buffer Overflows (pdf)
Formal Security Models (pdf)
Torpig Botnet Takeover (pdf)
Internet Security (pdf)
Online Banking (pdf)
Reading Assignments
Bishop Chapter 1
"Software Engineering Encyclopedia Article" by Kemmerer (pdf)
Howstuffworks article on DRM
Bishop Chapter 8
Bishop Chapter 9
SQL Injection: Modes of attack, defense, and why it matters by Stuart McDonald
XSS Cheat Sheet by RSnake
Bishop Chapter 12
Bishop Chapter 11
"Malware - Background and Motivation" by Christopher Kruegel (pdf)
Bishop Chapter 19
Smashing The Stack For Fun And Profit by Aleph One
Bishop Chapters 4 and 5
Bishop Chapter 6
"Your Botnet is My Botnet: Analysis of a Botnet Takeover" by Stone-Gross et al.
Bishop Chapter 23
BBC - Defeating the Hackers
"Security Testing of the Online Banking Service of a Large International Bank" by dos Santos, Vigna, and Kemmerer (pdf)
Homework Assignments
Homework 1 -- Security Terms and Obtaining Vulnerability Information (pdf)
Homework 2 -- Crypto Analysis (pdf)
Homework 3 -- DES, Public Key, and Digital Rights Management (pdf)
Homework 4 -- SQL Injection and XSS (pdf)
Homework 5 -- Password Cracking (pdf)
Homework 6 -- Buffer Overflow (pdf)
Homework 7 -- Malware, Security Policies, and Internet Security (pdf)
Homework Solutions
Handouts
Personal Questionnaire (pdf)
DES 16 round example - courtesy of Prof. Konheim (pdf)
Final Topics (pdf)
Last modified: December 3, 2013 by Dick Kemmerer
mailto: kemm AT cs.ucsb.edu