Rice University logo
Top blue bar image Comp327: Introduction to Computer Security
Blog and homepage for Rice's Comp327

Course Schedule

Week of Day Topic Reading Lec. notes Milestones Lecturer
Jan 6 Tu Introduction, basic concepts Anderson 1Saltzer and Schroeder 75 Dan
Th Ethics and responsibility Thompson 84 (alternate link),Schneier 08Google 10 Dan
Jan 13 Tu Cryptography Anderson 5Common Flaws of Distributed Identity and Authentication Systems Dan
Th Web security intro / webseclab intro Dan/Tad
Jan 20 Tu Public key crypto + voting  slides Dan
Th Web login, cookies Anderson 3OpenID explained Dan
Jan 27  Tu Voting + BitCoin Nielsen (How BitCoin Works) Dan
 Th Block ciphers Dan
 Feb 3 Tu Webseclab runthrough Tad
 Th Android security A Study of Android Application SecurityUnderstanding Android Security Tad
Feb 10 Tu Web security attacks Rnake’s XSS CheatsheetOWASP XSS GuideOWASP CSRF GuideBarth 08SHTML5 web security Dan
Th Buffer overflows Dan
Feb 17 Tu User and network security Friedl 08Anderson 21 Dan
Th Network hacking demo Firesheep, Wireshark Dan
Feb 24 Tu Protocol security and anonymity Tor overview  slides Dan
Th Spam Graham 02Graham 03Levchenko 11 Dan
Mar 3 Tu No class (Spring Break)
Mar 10 Tu Least privilege mechanisms Wikipedia links: priv separation, confused deputies, virtual machines, capability systems; See also, the Chrome architecture Dan
Th Industrial malware (Stuxnet/Duqu) Symantec 11 Dan
Mar 17 Tu Hardware & embedded Kocher et al. 04,  Jyostna et al. 11Koscher et al. 10Mulliner et al. 11 Dan
Th Automotive security publications (one in 2010 and one in 2011) video Dan
Mar 24 Tu Internet miscreants Thomas 13, Kanich 11 Dan
Th No class (Midterm Recess)
Mar 31 Tu Medical devices Halpern et al. 2008 video Dan
Th “Secure” radios Blaze et al. 2011 video Dan
Apr 7 Tu Windows 7 security Cowan 2010 video Tad
Th Android security Cannings 2009 video Tad
Apr 15 Tu Secure engineering Security Code Review Guidelines, OWASP Code Review Guide Table of ContentsBessey et al. 10 Dan
Th Finale / Smörgåsbord