Computer Security

Abstract

This course covers the basics of computer security. The goal of this course is to teach students how to identify, exploit, and mitigate security vulnerabilities through hands-on experience and a series of Capture the Flag (CTF) challenges.

Objective

In this course, students attend lectures covering the material alongside preparation for hands-on work. In the practical sessions, they implement solutions, solve Capture-the-Flag challenges, and submit their flags. Solving security challenges enables the students to build a security mindset and provides fundamental and basic knowledge for a career in cybersecurity. Students will tackle challenges in web security, machine learning, cryptography, and system-level exploitation. By the end of the course, they will have gained necessary background and tools to understand cybersecurity threats and apply their knowledge in practice. More specifically, students will focus on three topics: 1. Web security where students learn about the vulnerabilities in the internet and how to exploit these vulnerabilities in websites and databases (e.g., SQL injection) 2. Machine learning (ML) security where students learn about confidentiality and integrity vulnerabilities in modern ML models (e.g., prompt injection and adversarial examples) 3. Cryptography where students learn about basics of cryptographic implementations with foundations on symmetric and asymmetric cryptography 4. System and binary security where students learn about low-level machine codes (RISC-V) and operating systems, and how to exploit and secure vulnerabilities in such machines (e.g., return-oriented programming, buffer overflow, ASLR)

Resources