CS 491/591 Introduction to Computer Security - Winter 2018

Instructor Contact

Dr. Charles V. Wright
Office: FAB 120-25
Phone: 503-725-4252
Email: cvwright cs pdx edu (fill in the missing punctuation)
Office Hours: T 2:30-4:30pm, or by appointment

Course Information

Time: Mondays and Wednesdays, 2:00-3:50pm
Location: KMC 255

For more details, see the full PDF version of the syllabus.

Course Schedule

Date Topics and Readings Homework
Jan 8 Introduction
  • Administrivia
  • Course overview
Program Layout in Memory
  • If you need a refresher on C or x86 assembly language programming, look through Chapter 0x200 in Erickson after class. Follow along with his examples using gdb.
  • Also see Gustavo Duarte's Anatomy of a Program in Memory for another view of the same topic.
Software Vulnerabilities and Exploits - Part 1
  • See also pp. 115-142 in Erickson.
Homework 1

Watch after class:
Jan 10 Software Security
  • Stack Buffer Overflows
  • Code Injection Attacks
Read before class:
  • MLK holiday, PSU closed
HW1 Due at 10pm
Jan 17 Software Security
  • Code Injection Attacks
  • Shellcode and Payload
Stack-based Defenses
  • StackGuard and stack canaries
Read before class:
Jan 22 More Software Security
  • Virtual memory review
  • System-level defenses: ASLR and DEP
  • Format string attacks (PDF)
  • Heap overflow attacks
  • Return-oriented programming
Jan 24 In-class Exercise
  • Debugging with GDB on Linux
  • Format string attacks
Homework 2 assigned
Jan 29 Symmetric Cryptography
  • Ancient "classical" ciphers
  • Block ciphers and stream ciphers
  • Hash functions and message authentication codes
Jan 31 Authenticated Encryption

Public Key Cryptography
  • Public key encryption
  • Digital signatures
Feb 5 Disk and Filesystem Encryption
Feb 7 Authentication
  • Password hashing
Feb 12 Midterm Exam
Mar 21 Final Exam 12:30-2:20pm