Computer systems play a critical role in modern society. Unfortunately, there exist individuals -- including vandals and professional criminals -- who wish to compromise the security and privacy of these computer systems. Computer security is the discipline dedicated to protecting computer systems and their users from the malicious actions of adversaries. This course is designed to bring participants to the forefront of modern computer security research, thereby giving students the foundations for advancing the state-of-the-art in the field. This course also targets individuals in other fields who wish to address security and privacy in their own research.
We begin by defining the field of computer security, introducing key concepts such as adversaries, threat models, risk management, defenses, and deterrents. We then study the central themes of modern computer security research, including: human aspects; attack creation and modeling; attack detection and measurement; cryptography and communications security; system design and implementation; and side channels. Because of its strong research focus, participants in the course will read papers, review those papers (as if they were on a program committee), discuss papers in a program committee-like setting, and conduct independent research in a topic related to computer security.