The past decade has seen an explosion in the concern for the security of information. This course introduces students to the basic principles and practices of computer system and networking security, with detailed analysis of real-world examples and hands-on practice. Topics include the basic crypto, authentication, reverse engineering, buffer overflow attacks, vulnerability scanning, web attacks, firewalls, intrusion detection/prevention systems, etc. We will first introduce the basic theory for each type of attacks; then we will actually carry them out in 'real-world' settings. The goal is to learn security by learning how to view your machine from a hacker's perspective. In addition, we encourage students to participate in the UCSB International Capture the Flag Competition. Capture the Flag is a network security exercise where the goal is to exploit other machines while defending your own. In fact, this course should prepare you for any one of many capture the flag competitions that take place year round.
We will learn about different types of hacks and perform them. After learning how to execute such exploits and penetrate a network, we will discuss ways to protect a network from others exploiting the same vulnerabilities. Understanding security is essential in all fields of software development and computing.For major or minors in Computer Science, this course can satisfy the systems breadth. If you have any questions, please contact one of the instructors below.
- EECS 213 (Introduction to Systems) or EECS 205/231 Required
- EECS 340 or 333 (Networking) Required
- EECS 343 (Operating Systems) Recommended
- Professor Yan Chen Homepage
Location and TimeLocation: TBD Time: TBD
Office HoursOn-site hours in Wilkinson Lab:
- 45% Participation (class discussion and labs)
- 45% Homework (individual projects)
- 10% Quiz
- 5-10% (bonus) for participating in the iCTF
All the files you need for labs and projects are available on this GitHub repo.
We would like to foster a community for students in this class to help each other with projects (without giving solutions, of course).