Computer systems play a critical role in modern society. Unfortunately, there exist individuals -- including vandals and professional criminals -- who wish to compromise the security and privacy of these computer systems. Computer security is the discipline dedicated to protecting computer systems and their users from the malicious actions of adversaries. This course will bring students to the forefront of modern computer security research, thereby giving students the foundations for advancing the state-of-the-art in the field. This course also targets individuals in other fields who wish to address security and privacy in their own research.
We begin by defining the field of computer security, introducing key concepts such as adversaries, threat models, risk management, defenses, and deterrents. We then study the central themes of modern computer security research, including: human factors; attack creation and modeling; attack detection and measurement; cryptography and communications security; system design and implementation; and side channels. While our discussions focus on the foundations of computer security, we also relate those foundations to significant topics in the field, including phishing, usability, worms, botnets, spyware, digital rights management, trusted computing, RFIDs, biometrics, electronic voting, and healthcare.