CSE 509, System Security, Spring 2019

Lecturer: Nick Nikiforakis
Teaching Assistants: Xigao Li (xigli[email squiggly thingy]cs.stonybrook.edu)
TA Office hours:Thursdays 5:00 pm - 6:00 pm, Old CS building, Room 2217
Time:MW 4:00 pm - 5:20 pm
Place:MELVILLE LBR W4550 WESTCAMPUS
Office Hours: MW 5:30 - 6:30 pm, NCS #361
Contact: nick[email squiggly thingy] cs.stonybrook.edu
Important: When sending me an email about the course, make sure your title starts with "[CSE 509]" (without the quotes). Mislabeled or unlabeled emails will, most likely, not be read.

News

Class Description

In this class, we will together explore the concepts behind system security. We will look at the core principles behind secure (and insecure) systems and how to both discover vulnerabilities as well as how to correct them.

The course will consist of lectures, assignments, and a course project.

Some of the topics that we will cover are the following:

Textbook

Following a long-standing tradition in security courses, there is no official textbook for this course. I am drawing inspiration mostly from the following books:

Requirements and Grading

Subject to minor tweaks throughout the semester.

Schedule and Reading Assignments

Date Topic Reading Assignment(s)
1/28/2019Introduction, Motivation and DefinitionsReflections on Trusting Trust
1/30/2019Authentication
2/04/2019Authentication (continued)
2/06/2019Authentication (continued)
2/11/2019Access Control
2/13/2019Access Control (continued)
2/18/2019Access Control (continued)
2/20/2019Software Security
2/25/2019No class (instructor away on travel)
2/27/2019Side-Channels (invited talk)
3/04/2019Software Security (continued)
3/06/2019Software Security (continued)
3/11/2019Software Security (continued)
3/13/2019Software Security (continued)
3/11/2019Software Security (continued)
3/18/2019Spring Break (no class)
3/20/2019Spring Break (no class)
3/25/2019No class (instructor away on travel)
3/27/2019Midterm (in class)
4/01/2019Secure Design Principles
4/03/2019Cryptography Crash Course
4/08/2019SSL and TLS The Security Impact of HTTPS Interception
4/10/2019SSL and TLS (continued)
4/15/2019SSL and TLS (continued)
4/17/2019How the web works
4/22/2019How the web works (continued)
4/24/2019Web Application Security: Client side
4/29/2019Web Application Security: Server side
5/1/2019A brief introduction to online tracking

Misc

Note: If you have a physical, psychological, medical or learning disability that may impact on your ability to carry out assigned course work, please contact the staff in the Student Accessibility Support Center, Room 128, Educational Communications Center (ECC), 631-632-6748. The center will review your concerns and determine with you what accommodations are necessary and appropriate. All information and documentation of disability are confidential. For more information, please visit their website: https://www.stonybrook.edu/commcms/studentaffairs/sasc/

Note: Each student must pursue his or her academic goals honestly and be personally accountable for all submitted work. Representing another person's work as your own is always wrong. Any suspected instance of academic dishonesty will be reported to the Academic Judiciary. For more comprehensive information on academic integrity, including categories of academic dishonesty, please refer to the academic judiciary website at http://www.stonybrook.edu/uaa/academicjudiciary/.