CS 161: Computer Security

Announcements:

  • Final grades are posted. Thanks for a great semester!

Instructor: Nicholas Weaver

Lecture: Tu/Th, 12:30pm-2:00pm PT

Show/hide optional readings

Skip to current week

Date Lecture Readings Discussion HW
Thu
08/27
Introduction (recording)

Optional: CS61C review

No discussion! HW1
Mon
08/31

Project 1 released

x86, GDB, and Security Principles
(solutions)

(recording)
Tue
09/01
Security Principles (recording)

Notes (Principles)

Notes (Design Patterns)

Thu
09/03
Buffer Overflows (recording)

Notes, sections 1-6

Smashing The Stack For Fun And Profit

Slides on a normal x86 function call, a crash, a control-flow diversion, and code injection

Tue
09/08
Buffer Overflow Defenses (recording)

Notes

Pointer Authentication

Real World Exploit Example

Software Security
(solutions)

(recording)
Thu
09/10
Cryptography - IND-CPA + One-Time Pads (recording)

Notes, sections 1-4

Enigma Machine Notebook

Tue
09/15
Block Ciphers + Symmetric Key Encryption (recording)

Notes, sections 5-6

AES Demo

Cryptography I
(solutions)

(recording)
HW2
Thu
09/17
Integrity (MACs) + Pseudorandom Generators (recording)

Notes, sections 1-2

Tue
09/22
Public Key Exchange (recording)

Notes, section 1

Cryptography II
(solutions)

(recording)
Thu
09/24
Public Key Encryption (recording)

Notes, section 2

Fri
09/25

Project 1 due (11:59pm PT)

Mon
09/28

Optional Lab 1 released

Cryptography III
(solutions)

(recording)
HW3
Tue
09/29
Voting + Blockchain (recording)

Risks of Cryptocurrencies

How to make money with Bitcoin

Thu
10/01
Password Hashing + Signal + Tor (recording)

Notes (Passwords)

Notes (Key Management)

Mon
10/05

Project 2 soft release

Midterm Review
Tue
10/06
Command Injection + SQL Injection (recording)

Web notes, section 5

Squigler demo

Thu
10/08
Intro to Web + Cookies (recording)

Web notes, section 1-3, 7

Fri
10/09

Midterm (5:00pm-7:00pm PT)

Tue
10/13
CSRF + Stored XSS (recording)

Notes, section 6, 8

OWASP page on CSRF

OWASP page on XSS

Web Security I
(solutions)

(recording)
HW4
Thu
10/15
Reflected XSS + UI Attacks (recording)

Web notes, section 6

XSS Prevention Cheat Sheet

Content Security Policy

Tue
10/20
Captchas + Networking Background (recording)

Networking notes, section 1

Web Security II
(solutions)

(recording)
Thu
10/22
Low-Level Network Attacks (recording)

Networking notes, sections 2-4

Tue
10/27
DNS (recording)

Networking notes, sections 8-9

Web Security III
(solutions)

(recording)
HW5
Wed
10/28

Project 2 design doc due (11:59pm PT)

Thu
10/29
IP + TCP + TLS (recording)

Networking notes, sections 5-7

Tue
11/03
(Optional) Boeing 737-MAX + Quantum (recording) Election Week (optional)
Thu
11/05
(Optional) Nukes + Tor + Sidechannels (recording)
Fri
11/06

Optional Lab 1 due (11:59pm PT)

Tue
11/10
TLS (continued) + Denial of Service (recording)

Networking notes, section 7

Network Security I
(solutions)

(recording)
HW6
Thu
11/12
DNSSEC (recording)

Networking notes, section 10

Mon
11/16

Optional Lab 2 released

Network Security II
(solutions)

(recording)
Mon
11/16

Project 3 released

Tue
11/17
Intrusion Detection (recording)
Wed
11/18

Project 2 due (11:59pm PT)

Thu
11/19
Abusing Intrusion Detection (recording)
Tue
11/24
Network Censorship + Malware (recording)

Firewalls notes

No discussion (Thanksgiving) HW7
Thu
11/26
Thanksgiving (No Lecture)
Tue
12/01
Malcode (recording) Network Security III
(solutions)

(recording)
Thu
12/03
Personal Security + Ask Nick Anything (recording)

(Optional) Cat video

Fri
12/04

Project 3 due (11:59pm PT)

Tue
12/08
(Optional) Project 2 Solution Discussion (Live only) Final Review
Thu
12/10
(Optional) Using Buffer Overflows to Speedrun Super Mario Bros. 3
Fri
12/11

Optional Lab 2 due (11:59pm PT)

Thu
12/17

Final exam (11:30am-2:30pm PT)