SPAR

Security and Privacy Applied Research Lab

Attacking Security Systems (600.412)

This course serves as an introduction to how security systems are broken in the real world. Topics include software flaws and reverse-engineering, protocol analysis and the misuse of cryptography, side channel attacks, and attacks on physical security measures such as locks and tamper-resistant devices.

Network Security (600.324/424)

This course focuses on security in computer systems and networks. The course covers selected areas in network security, with particular focus on relatively recent research topics. We examine (in no particular order) critical network security services such as authentication and access control, routing, firewalls, domain naming service, traffic monitoring and intrusion detection, malware propagation and detection, secure auditing and searchable encryption, IP traceback schemes, Java Security, Web security and privacy, among others. Where appropriate, we examine threats and vulnerabilities to specific architectures and protocols.

Cryptography and Network Security (600.342/442)

This course focuses on algorithms and protocols for secure network communication. Topics include cryptographic algorithms (DES, Diffie-Hellman, RSA), authentication, key management, secure networking, certification, trust management, and secure electronic commerce.

Security and Privacy in Computing (600.343/443)

Topics include computer security, network security, basic cryptography, system design methodology, and privacy.

Selected Topics in Network Security (600.624)

This course focuses on selected research topics in communications security. The course is structured as a research seminar where students present research papers to their peers. Topics may include side-channel attacks, searches on encrypted data, broadcast encryption, private information retrieval, covert channels and anonymous communication, information hiding, among others.

Computer and Network Forensics (600.625)

This course exposes students to a myriad of fundamental concepts and techniques for recovering and inferring information in computer systems and networks. Topics include (but are not limited to) file system forensics, kernel-level rootkits and associated challenges, reconstructing malware evolution and dynamics, analysis of anonymization and privacy preserving techniques, advanced network traceback, traffic classification, biometrics and digital evidence, data integrity and audit trails, secure remote logging, and system call introspection.

Special Topics in Theoretical Cryptography (600.641)

In this seminar, we will explore the foundations of modern cryptography. We will study how to formalize the security guarantee of a protocol and cover techniques for proving that a protocol meets a claimed guarantee. Some included topics will be zero-knowledge proofs, multiparty computation, program obfuscation, and anonymous authentication. An emphasis will be placed on major past results, recent progress and current open problems.

Advanced Cryptographic Protocols (600.642)

This course will focus on advanced cryptographic protocols with an emphasis on open research problems.

Advanced Topics in Computer Security (600.643)

Topics will vary from year to year, but will focus mainly on network perimeter protection, host-level protection, authentication technologies, intellectual property protection, formal analysis techniques, intrusion detection and similarly advanced subjects. Emphasis in this course is on understanding how security issues impact real systems, while maintaining an appreciation for grounding the work in fundamental science.

Designing Security Systems (650.412)

This course serves as an overview of some techniques used in the design of secure systems. The bulk of the course will focus on real-life case studies; we will examine attacks on deployed systems and then investigate how these vulnerabilities have been subsequently addressed. Additionally, the course will examine the practical advantages and shortcomings of several notions of provable security.

Researching Security Systems (650.443)

This course provides advanced students the opportunity to do closely directed research in small groups on selected topics in computer security. .Students will learn how to conduct literature searches, choose suitable topics for research, analyze existing systems, construct new systems, develop metrics and models to quantify their improvements, and present their results in both written and oral forums.