This is an introductory course on computer security. I will teach this course in 4 modules. Each module consists of 5-6 lectures. The modules are described here.

Staff:

Instructor Vijay Ganesh
Office Hours: By appointment (DC 2530)
TAs
Sanu ES (ses@uwaterloo)
David Cheng (x22cheng@uwaterloo)
Office Hours: Wednesday 11 AM-12:30 PM (DC  2630)
Office Hours: Wednesdays 2-3 PM (DC 2634)

Lectures:  Tue, Wed, Thu/8:30-9:20 AM/MC 4021 (Class Schedule)
Tutorials: TBD

Date     
Lectures Slides
Assigned Reading (Books chapters, papers)
Tue May 6
Lecture: Course logistics. Introduction to computer security, basic concepts such as confidentiality, integrity, availability, policy and mechanism, trust and assumptions. Material sourced from Matt Bishop's book Introduction to Computer Security, and lecture slides by Professor Bill Young of UT, Austin.

Lecture (Slides 1-25) (With permission and courtesy of Professor Dan Boneh of Stanford University): Control hijack attacks. Buffer overflow vulnerabilities and stack smashing attacks, integer overflow vulnerabilities, string format vulnerabilities. Attacks that combine different kinds of vulnerabilities. 

Lecture (Slides 26 - 58) (With permission and courtesy of Professor Dan Boneh of Stanford University): Techniques to prevent, detect and recover from control hijack attacks. Typesafe languages. Address space layout randomization (ASLR). Stack canaries.  Safe libraries (LibSafe). Heap-spraying attacks.  Techniques to protect against heap-spray attacks.

Project guidlines

Lecture: Testing, analysis and verification for security. Automated testing techniques, program analysis for security, fuzzing, whitebox fuzzing, model-checking and advanced verification techniques.

Lecture: Basics of cryptography. One-time pad. Stream and block ciphers. MACs. Public-key cryptography. Uses of cryptography.


Lecture: Side-channel analysis and attacks. Timing, power, cache,...


Lecture: Motivation for public-key cryptography, Basic number theory, Diffie-Hellman key exchange protocol, RSA public-key encryption scheme, digital signatures


Lecture: Cryptographic hash functions. Properties such as collision resistance (weak and strong), inversion resistance. How hash functions work.


Midterm Solutions


Lecture: Hash Functions and Message Authentication Codes (MACs). Hash Functions and Salts.


Lecture 12: (also available in pptx format): Browser security. How browsers work. Same-origin Policy. JavaScript and XSS attacks.


Lecture 13 (pptx format): CSRF (Cross-Site Request Forgery) attacks


Review of material covered so far in preparation for the mid-term


Mid-term


No class


Lecture 14: Click-jacking attacks (Excellent Talk by David Lin-shung Huang of CMU) ; Discussion of solutions to mid-term exam questions


Lecture 15: Security in control systems by Professor Shreyas Sundaram. Detailed analysis of the Stuxnet virus.

Lecture 16 (pptx format): Network security. Basics of TCP/IP and BGP. TCP Spoofing. BGP attacks. DNS cache poisoning attacks.


Lecture 17 (pptx format): The problem with formal verification (undecidable) and model-checking (PSPACE-complete). Principles of secure design: Isolation, compartmentalization, principle of least privilege, principle of safe defaults, access control (ACLs, capabilities and role-based).

Lecture 18 (Overview of computer security concepts. Distributed Denial of Service attacks)


Lecture 19 (pptx format): Lecture by Dr. Glenn Wurster from Blackberry. Security in the real world.


Acknowledgements: I would like to acknowledge the following people who have been very kind in sharing with me the lecture materials, notes etc. from their respective courses, and given me permission to use them as I wish in this course.

Professor Dan Boneh (Stanford), Professor Matt Bishop (UC, Davis), Professor David Brumley (CMU), Professor Kevin Du (Syracuse), Professor Koushik Sen (Berkeley) , Professor William D. Young (UT, Austin), Professor Konstantin (Kosta) Beznosov (University of British Columbia), Professor Cristian Cadar (Imperial College, London)