Course Time:	Monday, Wednesday 2:30pm-4:20pm
Course Location:	PH A20
Course Instructor:	David Brumley. Office Hours: Wednesday immediate after class until 5pm
Teaching Assistants:	Ed Schwartz. Office Hours: Monday immediately after class until 5:30pm.
	Greg Nazario. Office Hours: Thursday 3:30-5:30pm. Location: HH 1300 Wing
	Jonathan Burket. Office Hours: Tuesday 3:30-5:30pm. Location: CIC 2315B
Academic Assistant:	Chelsea Mastilak, 1112 Hamerschlag Hall
Prerequisites:	15-213 and 15-214, or permission of instructor
Number of units:	12
Undergraduate course designation:	Depth, Coverage
Undergraduate Course Area:	Computer Software
Required Textbook:	None

Security is now a core requirement when creating systems and software. This course will introduce students to the fundamentals of computer security and applied cryptography. Topics include software vulnerability analysis, defense, and exploitation, reverse engineering, networking and wireless security, and applied cryptography. Students will also learn the fundamental methodology for how to design and analyze security critical systems.

This course covers three basic areas in computer security:

• Software security. In this portion of the course we will investigate common types of vulnerabilities ranging from buffer overflows to injection attacks. Students will become adept at reverse engineering, identifying flaws, and exploitation. The goal is for students to be able to i) recognize vulnerabilities, ii) understand the fundamental characteristics of the vulnerabilities, and iii) understand current defenses.
• Network security.
• Applied Cryptography.

Grading

I will guarantee at least the following grades:

• 89.5 - 100: A
• 79.5 - 89.4: B
• 69.5 - 79.4: C
• 59.5 - 69.4: D
• < 59.5: F

I may lower the points necessary to achieve a grade, but I will not raise them.

Breakdown

I will use the following breakdown:

• 35% Homework
• 30% Exam 1
• 30% Exam 2
• 5% Participation and attendance

Late Days

Late days interfere with the ability of course staff to quickly turn around assignment grades and solutions. The problem is we cannot give out solutions or graded assignments until everyone has turned in their work. Therefore, we only offer late days in emergency or exceptional circumstances, such as hospitalization. We do not offer late days for personal scheduling issues such as interviews, class load, etc.

Policies

The course staff will treat all students ethically and fairly. We, in turn, expect the same from all students.

Any lapse in ethical behavior will immediately result in -1,000,000 points, as well as be immediately reported to the appropriate university disciplinary unit. Really. Even if you just have to pass the class, even if you didn't know it was cheating or plagiarism, and even if it will never happen again. Prof. Brumley is very, very tough and intolerant of cheating, plagiarism, or unethical behavior.

This course will follow CMU's policy on cheating and plagiarism. Note that the policy gives several examples of what constitutes cheating and plagiarism. If you have any questions, you should contact the instructor. We have one additional rule: don't be a nuisance. Even if something is legal, that doesn't mean it is necessarily ok.

Please ask the course staff if you have any questions regarding whether a particular behavior is OK or not. In particular:

• Don't break laws or cause a nuisance. This course discussed security-related topics. As such, you will be exposed to ideas and techniques that could be used to break the law. This knowledge does not mean it is OK to break the law or cause a nuisance. Examples of prohibited activities include scanning networks, launching exploits, "testing" the security of a system without explicit permission from all necessary parties, and so on.
• Collaboration. Students are encouraged to talk to each other, to the course staff, or to anyone else about any of the assignments. Assistance should be limited to discussion of the problem and sketching general approaches to a solution. Each student must turn in his or her own solution.

The schedule below is subject to changes. Please check back regularly.

Num	Date	Subject and Slides	Reading/Materials
01	08/26/2013	Introduction [PDF]	Trusting Trust
02	08/28/2013	Compilation and basic executions semantics [PDF]	CS:APP Chapter 3
N/A	09/02/2013	No Class
03	09/04/2013	Control flow attacks [PDF]	Smashing the stack for fun and profit Exploiting format strings Smashing the stack in 2011
04	09/09/2013	Thinking up exploits	From Class: Handout Vulnerable Binary Solutions on Blackboard
05	09/11/2013	Control flow attack defenses [PDF]	ASLR Smack and Laugh Reference Design of ASLR in PAX Homework 1 Out
06	09/16/2013	Return-oriented programming [PDF]	The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86) If the above is confusing at all, please google "ROP tutorial". You will find a number of references, such asA Primer on Return Oriented Programming
07	09/18/2013	CFI and Reference Monitors [PDF]	Control Flow Integrity: Principles, Implementations, and Applications (Note: I have here the conference version. There is also a longer, more complete journal version.) Homework 1 Due
08	09/23/2013	Review [PDF]
N/A	09/25/2013	Exam 1
09	09/30/2013	Introduction to cryptography [PDF]	Mihir Bellare's Introduction to Modern Cryptography: Chapter 1 Chapter 2
10	10/02/2013	OTPs, PRNGs, and proving security [PDF]
11	10/07/2013	Block ciphers (Ed Schwartz) [PDF]
12	10/09/2013	MACs and hashes [PDF]
13	10/14/2013	Authenticated encryption [PDF]	Homework 2 Out
14	10/16/2013	Public key crypto [PDF]
15	10/21/2013	Review	Homework 2 Due
N/A	10/23/2013	Exam 2
16	10/28/2013	Canceled
17	10/30/2013	Online Crime (Nicolas Christin)	Measuring and Analyzing Search-Redirection Attacks in the Illicit Online Prescription Drug Trade, except section 5
18	11/04/2013	Web Security 1 (Jonathan) [PDF]	OWASP XSS Reference OWASP CSRF Reference
19	11/06/2013	Web Security 2 (Jonathan)
20	11/11/2013	Mobile Security [PDF]
21	11/13/2013	No Class
22	11/18/2013	IDS and Detection Theory [PDF]	The base-rate fallacy and its implications for the difficulty of intrusion detection Homework 3 Out
23	11/20/2013	Cancelled	A Survey of BGP Security, up through and including section IV.A
24	11/25/2013	The Coolest Bug Contest	Homework 3 Due
N/A	11/27/2013	No Class - Thanksgiving
25	12/02/2013	Review [PDF]
N/A	12/04/2013	Exam 3

Homework #1:

• Handout
• recoverpw.tar.gz

Homework #2:

• Handout

Homework #3:

• Handout

I am the faculty advisor for PPP, the CMU hacking team. Please visit their website for information. I recommend signing up for their mailing list, and regularly attending meetings.