 |
CSE 484 / CSE M 584: Computer Security (Winter 2009) |
|
 CSE Home |
About Us |
Search |
Contact Info |
|
 |
Additional MaterialLecture 1Topic: Introduction to Security.Slides: here. Required reading: Daswani et al, Chapters 1, 2, and 3. (Note: The book switches the definition of false positive and false negative at the top of page 11.) Lecture 2Topic: Software Security.Slides: here. (The class lecture notes draw a stack frame as: [buf] [Saved SP] [ret/IP] [str] Caller's frame...This is a little confusing, since the "Saved SP" here refers to the saved value of the frame pointer from the previous (calling) stack frame.) Required reading: Daswani et al, Chapters 5 and 6. Recommended reading (for project): Aleph One, Smashing the Stack for Fun and Profit. Text file available here: http://www.cs.washington.edu/education/courses/484/09wi/lectures/stack.txt. Recommened reading (for project): scut / team teso, Exploiting Format String Vulnerabilities. PDF available here: http://www.cs.washington.edu/education/courses/484/09wi/lectures/formatstrings.pdf. Recommended reading (for project): Chien and Szor, Blended Attacks. PDF available here: http://www.peterszor.com/blended.pdf. Optional: McGraw and Viega, Software Security Principles Part 1, Part 2, Part 3, Part 4, Part 5. Optional: Harold, Fuzz Testing. Available online here: http://www.ibm.com/developerworks/java/library/j-fuzztest.html. Optional: Fuzz Testing Tools and Techniques. Optional: Wheeler, Secure Programming for Linux and Unix HOWTO. Available online here: http://www.dwheeler.com/secure-programs/. Section 3Lecture 4Topic: Intro to Cryptography.Slides: here. Required reading: Handout, Chapteres 1 and 2. Lecture 5Topic: Crypto Intro and Web Security.Slides: here. Required reading: Daswani et al, Chapters 7, 8, and 10. Section 6Lecture 7Topic: Symmetric CryptographySlides: here. Required reading: Handout, Chapters 3 and 4. Skip Sections 3.5.3 through 3.5.7. Section 8Lecture 9Topic: Physical security.Slides: NA. Required reading: NA. Lecture 10Topic: Symmetric Cryptography.Slides: here. Required reading: Handout, Sections 7.1, 7.2, 7.3, 9.1, 9.2, and 9.7. Section 11Lecture 12Topic: Symmetric Cryptography and Networks.Slides: here. Required reading: NA. Lecture 13Topic: Networks.Slides: here. Required reading: NA. Section 14Lecture 15Topic: Networks and authentication.Slides: here. Required reading: NA. Lecture 16Topic: User authentication.Slides: here. Required reading: NA. Section 17Lecture 18Topic: Crypto context and anonymity.Slides: here. Required reading: Daswani et al, Chapter 9. (Content from last class.) Section 19Lecture 20Topic: Intrusion detection and asymmetric cryptography.Slides: here. Required reading: Daswani et al, Chapter 13, 14, 15.3, 15.5. Lecture 21No class.Section 22Lecture 23Topic: Asymmetric cryptography.Slides: here. Required reading: NA. Lecture 24Topic: Human aspects.Slides: here. Required reading: NA. Section 25Lectures 26 and 27Topic: Research directionsSlides:
Why Phishing Works, RFID Secret Handshakes, SlyFi, Pacemakers and ICDs, Spamalytics, 0wn the Internet, Library RFID. Section 28 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
 |
Computer Science & Engineering University of Washington Box 352350 Seattle, WA 98195-2350 (206) 543-1695 voice, (206) 543-2969 FAX |
