Computer Systems Security

Electrical Engineering and Computer Science MIT CC BY-NC-SA 4.0 22 lectures

6.858 Computer Systems Security is a class about the design and implementation of secure computer systems. Lectures cover threat models, attacks that compromise security, and techniques for achieving security, based on recent research papers. Topics include operating system (OS) security, capabilities, information flow control, language security, network protocols, hardware security, and security in web applications.

Syllabus

  1. 1 Lecture 1: Introduction, Threat Models
  2. 2 Lecture 2: Control Hijacking Attacks
  3. 3 Lecture 3: Buffer Overflow Exploits and Defenses
  4. 4 Lecture 4: Privilege Separation
  5. 5 Lecture 6: Capabilities
  6. 6 Lecture 7: Sandboxing Native Code
  7. 7 Lecture 8: Web Security Model
  8. 8 Lecture 9: Securing Web Applications
  9. 9 Lecture 10: Symbolic Execution
  10. 10 Lecture 11: Ur/Web
  11. 11 Lecture 12: Network Security
  12. 12 Lecture 13: Network Protocols
  13. 13 Lecture 14: SSL and HTTPS
  14. 14 Lecture 15: Medical Software
  15. 15 Lecture 16: Side-Channel Attacks
  16. 16 Lecture 17: User Authentication
  17. 17 Lecture 18: Private Browsing
  18. 18 Lecture 19: Anonymous Communication
  19. 19 Lecture 20: Mobile Phone Security
  20. 20 Lecture 21: Data Tracking
  21. 21 Lecture 22: Guest Lecture by MIT IS&T
  22. 22 Lecture 23: Security Economics

Course materials