CS 315 Computer Security: Fengwei Zhang

CS 315 Computer Security

Fall 2023 -- Fengwei Zhang

Instructor: Fengwei Zhang
Class Time: Tuseday 02:00PM - 3:50PM
Class Location: Room 203, Teaching Building III
Lab Time: Monday, 07:00PM - 08:50PM
Lab Location: Room 508, Teaching Building III

Syllabus: [PDF]
Office Address: Engineering Building, South Tower, Room 515
Homepage: http://cse.sustech.edu.cn/faculty/~zhangfw
Email: zhangfw (at) sustech (dot) edu (dot) cn

Course Description

This course aims help students to learn the principles of computer security and understand how various security attacks and countermeasures work. It provides hands-on experience in playing with security software and network systems in a live laboratory environment, with the purpose of understating real-world threats. The course will take both offensive and defense methods to help student explore security tools and attacks in practice. It will focus on attacks (e.g., buffer overflow, dirty COW, format-string, XSS, and return oriented programming), hacking fundamentals (e.g., scanning and reconnaissance), defenses (e.g., intrusion detection systems and firewalls). Students are expected to finish intensive lab assignments that use real-world malware, exploits, and defenses

Course Objectives

This course offers an in depth experience of real-world threats and defenses. Upon successful completion of this class, the student will gain experience in:

Understanding on real-world security vulnerabilities, exploits and defenses
Having hands-on labs in network and system security experiments
Learning knowledge of practical security problems and their solutions

Prerequisites

Familiar with Unix/Linux systems; or permission of the instructor.

Recommended Book

Wenliang Du, Computer Security: A Hands-on Approach, 3rd Edition (ISBN: 978-17330039-5-7)

Grading Policy

The grades for the course will be based upon the tables given below

Topics	Grade
Class Participation	40
Lab 1: Computer Security Introduction	60
Lab 2: Malware Reverse Engineering	60
Lab 3: Secure Coding and Buffer Overflow	60
Lab 4: Secure Coding and Format-String Vulnerability	60
Lab 5: Return-to-libc and Return Oriented Programming	60
Lab 6: Fuzzing and Program Analysis	60
Lab 7: Cryptography	60
Lab 8: Network Packet Sniffing	60
Lab 9: Web Security and SQL Injection	60
Lab 10: Scanning, Reconnaissance, and Penetration Testing	60
Lab 11: IoT, Wireless and Phyiscal Attacks	60
Lab 12: Nailgun Attack and Defense	60
Term Project Proposal	60
Term Project Progress Meetings	60
Term Project Presentation	60
Term Project Report	60
Total	1000

Gradding Scale

A+	97 - 100%	C+	77 - 79%
A	93 - 96%	C	73 - 76%
A-	90 - 92%	C-	70 - 72%
B+	87 - 89%	D+	67 - 69%
B	83 - 86%	D	63 - 66%
B-	80 - 82%	D-	60 - 62%
F	0 - 59%

Academic Dishonesty

Please read and fill the Undergraduate Students Assignment Delcaration Form in Chinese and English. More details on Regulations.

Student Disabilities Services

If you have a documented disability that requires accommodations, you will need to register with the University for coordination of your academic accommodations, or let me know.

Class Schedule

Date	Topic	Reading & Notes (tentative)	Slides & Labs
Week 1, 09/12	Course Overview and Introduction to Computer Security	Kali Linux - Penetration Testing Linux Distribution. [Link]	[Slides and Lab]
Week 2, 09/19	Malware Reverse Engineering	Lab 1 Due	[Slides and Lab]
Week 3, 09/26	Secure Coding and Buffer Overflows	Lab 2 Due	[Slides and Lab]
Week 4, 10/03	NO CLASS	National Holiday
Week 5, 10/10	Term/Team Project Proposal Discussion	Term/Team Project Proposal Due Lab 3 Due	[Slides and Lab]
Week 6, 10/17	Secure Coding and Format-String Vulnerability	Revised Project Proposal Due	[Slides and Lab]
Week 7, 10/24	Return-to-libc and Return Oriented Programming	Lab 4 Due	[Slides and Lab]
Week 8, 10/31	Fuzzing and Program Analysis	Lab 5 Due	[Slides and Lab]
Week 9, 11/07	Cryptography	Lab 6 Due	[Slides and Lab]
Week 10, 11/14	Network Packet Sniffing	Lab 7 Due	[Slides and Lab]
Week 11, 11/21	Web Security and SQL Injection	Lab 8 Due	[Slides and Lab]
Week 12, 11/28	Scanning, Reconnaissance, and Penetration Testing	Lab 9 Due	[Slides and Lab]
Week 13, 12/05	IoT, Wireless and Phyiscal Attacks	Lab 10 Due	[Slides and Lab]
Week 14, 12/12	Nailgun Attack and Defense	Lab 11 Due	[Slides and Lab]
Week 15, 12/19	Security Research and Term Project Discussion	Lab 12 Due	[Research Slides]
Week 16, 12/26	Working Class for Projects		[Project Slides]
Week 17, 01/02	Term/Team Project Presentations	Final Project Report Due Invited Lunch/Dinner if your final score is 96% or more	[Slides and Lab]