This course serves as an introduction to how security systems are broken
in the real world. Topics include software flaws and
reverse-engineering, protocol analysis and the misuse of cryptography,
side channel attacks, and attacks on physical security measures such as
locks and tamper-resistant devices.
This course focuses on security in computer systems and networks. The course
covers selected areas in network security, with particular focus on relatively
recent research topics. We examine (in no particular order) critical network
security services such as authentication and access control, routing,
firewalls, domain naming service, traffic monitoring and intrusion detection,
malware propagation and detection, secure auditing and searchable encryption,
IP traceback schemes, Java Security, Web security and privacy, among others.
Where appropriate, we examine threats and vulnerabilities to specific
architectures and protocols.
This course focuses on algorithms and protocols for secure network
communication. Topics include cryptographic algorithms (DES, Diffie-Hellman,
RSA), authentication, key management, secure networking, certification, trust
management, and secure electronic commerce.
Topics include computer security, network security, basic cryptography,
system design methodology, and privacy.
This course focuses on selected research topics in communications security. The
course is structured as a research seminar where students present research
papers to their peers. Topics may include side-channel attacks, searches on
encrypted data, broadcast encryption, private information retrieval, covert
channels and anonymous communication, information hiding, among others.
Computer and Network Forensics (600.625)
This course exposes students to a myriad of fundamental concepts and
techniques for recovering and inferring information in computer
systems and networks. Topics include (but are not limited to) file
system forensics, kernel-level rootkits and associated challenges,
reconstructing malware evolution and dynamics, analysis of
anonymization and privacy preserving techniques, advanced network
traceback, traffic classification, biometrics and digital evidence,
data integrity and audit trails, secure remote logging, and system
call introspection.
Special Topics in Theoretical Cryptography (600.641)
In this seminar, we will explore the foundations of modern
cryptography. We will study how to formalize the security guarantee of
a protocol and cover techniques for proving that a protocol meets a
claimed guarantee. Some included topics will be zero-knowledge proofs,
multiparty computation, program obfuscation, and anonymous
authentication. An emphasis will be placed on major past results,
recent progress and current open problems.
Advanced Cryptographic Protocols (600.642)
This course will focus on advanced cryptographic protocols with an
emphasis on open research problems.
Topics will vary from year to year, but will focus mainly on network perimeter
protection, host-level protection, authentication technologies, intellectual
property protection, formal analysis techniques, intrusion detection and
similarly advanced subjects. Emphasis in this course is on understanding how
security issues impact real systems, while maintaining an appreciation for
grounding the work in fundamental science.
This course serves as an overview of some techniques used in the design
of secure systems. The bulk of the course will focus on real-life case
studies; we will examine attacks on deployed systems and then
investigate how these vulnerabilities have been subsequently addressed.
Additionally, the course will examine the practical advantages and
shortcomings of several notions of provable security.
Researching Security Systems (650.443)
This course provides advanced students the opportunity to do closely
directed research in small groups on selected topics in computer
security. .Students will learn how to conduct literature searches,
choose suitable topics for research, analyze existing systems, construct
new systems, develop metrics and models to quantify their improvements,
and present their results in both written and oral forums.