ECE1776: Computer Security, Cryptography and Privacy

Fall 2017 Syllabus

Course Overview

This course covers advanced topics in computer security, cryptography and privacy, with a leaning towards exploring cutting edge problems and techniques that are still the focus of academic and industrial research.  Rather than offering a generic broad course in security, this course is continually updated to focus on current and relevant security problems.

The focus this year in the course be on machine learning security and smartphone privacy and security.  The main requires for the course are to actively read and write summaries and reviews for the course papers and complete a class project in machine learning (more details to be posted later).  If you are interested in taking this course, please fill in the signup form.

Prerequisite: The course assumes students have taken ECE568 or equivalent.  This course provides basic background in computer security concepts, common vulnerabilities and attacks (buffer overflow, integer overflow, format string, XSS, SQL injection, CSRF, etc...), common defenses and security mechanisms (ASLR, MAC, DAC, Cookies, etc...) and basic cryptography (DES, AES, RSA, cipher modes, MAC, Hashes, etc...).  Some experience with machine learning will also be a plus as many of the readings (below) will touch upon machine learning.  There will be a quick quiz during the first lecture to help students evaluate whether they have the appropriate background for the course.  If you are unsure, you can fill out the assessment quiz and the instructor will get back to you.

Evaluation and Deliverables

Students will be evaluated via a research project they will conduct over the course of the semester.  One of the goals of this course will be to give students a large amount of feedback in the various stages of designing, implementing and evaluating security tools and systems.  There are 5 deliverables for the course:

Students are encouraged to work in groups and the size and number of groups will be determined based on class size to ensure that each student gets an opportunity to present their work and receive feedback.

 Week    

Topics and Readings

Assignments

Sept 13

Introduction: Review security concepts

  • Please take the self assessment quiz.  It’s not graded, but it will help you get an idea if this course is right for you.
  • If you will take the course, please sign up on the course signup page to receive reviewing assignments.  You will not receive any reviewing assignments if you do not sign up.

Sept 20

Intro to Machine Learning and Security

Sept 27

Challenges with machine learning in security

Oct 4

Attacking ML systems:

Oct 11

Model inversion and Model theft:

Project Presentation

Oct 18

Android & Mobile Security

Oct 25

Project proposals and discussion

Due: 1 page description of proposed approach.  

Nov 1

Instructor away, class cancelled

Nov 8

Midterm Presentations

Due: In-class presentations

Nov 15

Midterm Presentations

Due: In-class presentations

Nov 22

Android Security Tools

Nov 29

Final Presentations

Due: In-class presentations

Dec 6

Final Presentations

Due: In-class presentations

Final reports due