Application Security

Title Application Security (56512)
Quarter Spring 2020
Instructor William Conner (wconner@cs.uchicago.edu)
Website

Syllabus

Description

This course will introduce secure development practices for networked applications.  Application vulnerabilities will also be studied to motivate the mitigations presented in the course.  Particular emphasis will be placed on Linux binaries and Web applications.  Programming assignments will involve exploiting vulnerabilities and implementing defense mechanisms.  The last class will include a capture the flag (CTF) activity.


Topics

● Threat modeling

● Software security lifecycle

● Reverse engineering

● Memory corruption

● Linux security

● Browser security

● Web vulnerabilities

● Cloud security

● Secrets management

 

Coursework

● Written homework assignments

● Programming projects

● Midterm and final exams


Textbook

There is no required textbook for this course.

Prerequisites (Courses)

Core Programming (required)

MPCS 56511: Introduction to Computer Security (recommended, but not required)

MPCS 52011: Introduction to Computer Systems (recommended, but not required)

Prerequisites (Other)

Familiarity with (or willingness to learn) some C programming and a bit of assembly language (required)
Familiarity with Java, Ruby, or Python (required)
Familiarity with the Linux command line (required)

Satisfies

Elective
Information Security Specialization (https://masters.cs.uchicago.edu/page/information-security)

Time

Tuesday 5:30-8:30PM

Location

Ryerson 276