Computer Systems Security
6.858 Computer Systems Security is a class about the design and implementation of secure computer systems. Lectures cover threat models, attacks that compromise security, and techniques for achieving security, based on recent research papers. Topics include operating system (OS) security, capabilities, information flow control, language security, network protocols, hardware security, and security in web applications.
Syllabus
- 1 Lecture 1: Introduction, Threat Models
- 2 Lecture 2: Control Hijacking Attacks
- 3 Lecture 3: Buffer Overflow Exploits and Defenses
- 4 Lecture 4: Privilege Separation
- 5 Lecture 6: Capabilities
- 6 Lecture 7: Sandboxing Native Code
- 7 Lecture 8: Web Security Model
- 8 Lecture 9: Securing Web Applications
- 9 Lecture 10: Symbolic Execution
- 10 Lecture 11: Ur/Web
- 11 Lecture 12: Network Security
- 12 Lecture 13: Network Protocols
- 13 Lecture 14: SSL and HTTPS
- 14 Lecture 15: Medical Software
- 15 Lecture 16: Side-Channel Attacks
- 16 Lecture 17: User Authentication
- 17 Lecture 18: Private Browsing
- 18 Lecture 19: Anonymous Communication
- 19 Lecture 20: Mobile Phone Security
- 20 Lecture 21: Data Tracking
- 21 Lecture 22: Guest Lecture by MIT IS&T
- 22 Lecture 23: Security Economics
Course materials
- Course on MIT OpenCourseWare β website