Undergraduate students are also welcome in our graduate courses.
CS4401. Software Security Engineering
This course provides an introduction to the pitfalls and practices of building secure software applications. Topics will include threat modeling, secure software development, defensive programming, web security and the interaction between security and usability. The course focuses on the application level with minor attention to operating-system level security; network-level security is not covered. Assignments involve designing and implementing secure software, evaluating designs and systems for security-related flaws, and presentations on security issues or tools. All students will be required to sign a pledge of responsible conduct at the start of the course.
Recommended Background: CS3013 and CS3733. The course assumes nontrivial experience with C and Unix, familiarity with operating systems, filesystems, and databases, and experience with technologies for building web applications (from CS4241 or personal experience).
CS4404. Tools and Techniques in Computer Network Security
(Offered 2012-13 and in alternating years thereafter)
This course introduces students to modern network security concepts, tools, and techniques. The course covers security threats, attacks and mitigations at the operating-system and network levels (as opposed to the software level). Topics include: authentication, authorization, confidentiality, integrity, anonymity, privacy, intrusion detection and response, and cryptographic applications. Students will become familiar with modern security protocols and tools. Assignments will involve using security-testing software to uncover vulnerabilities, network packet analyzers, and existing security applications to create secure network implementations. The course requires enough programming and systems background to understand attacks and use systems tools, but does not involve significant programming projects. Assignments and projects will use a Linux base for implementation.
Students who have credit for CS 558 may not earn subsequent credit for this course.
Recommended Background: Knowledge of operating systems (CS3013 or equivalent) and computer networks (CS3516 or equivalent). Familiarity with Linux or Unix is essential.