Course Description Class Logistics & Grading Topics Important Dates
Instructor: Prateek Saxena (prateeks at comp dot nus dot edu dot sg)
TAs Teodora Baluta (cs3235.ta at
Room & Timings: LT15, Tuesdays 2:00 - 4:00 pm
IVLE Page: CS3235
Semester: AY 2017/2018 Semester 2


* End-term Exam will be in-class on April 17th, 2018

Course Description

Computers are instruments to improve efficiency. Often, their design is not robust against an intellegent adversary. Computer security is the science of studying why our computing techniques and systems fail, and ultimately to build them robustly. In this course, we will look at the fundamental principles behind "adversarial thinking" and robust design of computer algorithms and code. The course will highlight the use of these concepts in real-world designs, machine code exploitation, and Internet protocols. Time permitting, we will look into advance topics such as security of machine learning, cryptocurrencies (like Bitcoin!), and widely deployed cryptographic protocols and OSes.

The goal of this class is to enable students to:

  • Audit system design and implementation with an adversarial mindset
  • Design and implement exploits for real security bugs.
  • Develop secure applications.
  • Be able to design defenses & outline their limitations.

Schedule & Syllabus

The table below lists the schedule of topics.

WeekDateTopic ReadingsAnnouncements
1 16 Jan Introduction to Computer Security Book G & T -- Chapter 1.1, Chapter 3.1, and Book D & K - Appendix A.1, A.2  
2 23 Jan

Memory Safety & Secure Coding

Smashing The Stack For Fun And Profit

Exploiting Format String Vulnerabilities

Understanding Integer Overflow in C/C++ (Section 1- 3 suffice)

Book G & T -- Chapter 3.4

3 30 Jan Privilege Separation & Sandboxing

Improving Host Security with System Call Policies

Preventing Privilege Escalation

Book G & T -- Chapter 1.3, 3.1, 3.3, 4.3, 4.5

Optional (Advanced):

Mimicry Attacks on Host-Based Intrusion Detection Systems

The Security Architecture of the Chromium Browser

4 6 Feb

Network Security & HTTPS

Book G & T -- Chapter 5, 6.1, 7.1 Assgt 1 out
5 13 Feb

Introduction to Cryptography; Secure Channels (I): Symmetric Key Crypto

Book G & T -- Chapter 2.1

6 20 Feb

Secure Channels (II): Public Key Crypto

Book D & K -- Chapter 2.1.1, 2.1.2, 2.1.5  
7 27 Feb Recess Week


8 6 Mar Integrity & Authenticity: MACs & Digital Signatures

Book D & K -- Chapter 3.1, 3.2., 3.3, 3.4

9 13 Mar Applications: Bitcoin, Blockchain, Certificate Transparency

Book D & K --Chapter 2.2.3, 3.3.4


20 Mar

Authentication & Key Exchange Protocols, UI Security

Book D & K -- Chapter 4.1

Assgt 2 out

27 Mar

Cloud Security (Integrity) - Trusted Computing [Guest Lecture: Shweta Shinde]

Lecture Notes

12 3 Apr

Cloud Security (Privacy) - Encrypted computation, Side channels [Guest Lecture: Shruti Tople]



10 Apr

Review, odds-and-ends



17 Apr

End-term Exam




Textbooks & Readings

There are no mandatory textbooks for this course. The lecture slides, indicated papers, and the tutorial content will constitute the main reading material. You are expected to take your own notes, and interpret / extrapolate the findings beyond the reading material for homeworks and exams.
Optional textbooka:

  • Introduction to Cryptography - Principles and Applications / By Hans Delfs, Helmut Knebl. (referred to as "D & K")
    ( Available via the NUS online library).
  • Introduction to computer security / By Michael T. Goodrich, Roberto Tamassia (referred to as "G & T").
    (Available on loan from the NUS library)

Class Logistics & Grading

This class is requires hands-on programming and experimentation. I will explain the detailed logistics of the course in the first lecture. There will no final exam. Attending tutorials is highly recommended. All material covered in lectures and tutorials is part of the syllabus.

Grade distribution is as follows:

  • Assignment 1 (25%)
  • Assignment 2 (25%)
  • In-class quizzes (10%)
  • End-term exam (40%)

All assignments are individual. The final exam is likely to be open-book (subject to change!) and will be in class.

Each student is expected to have access to his own laptop / desktop.

All experimental assignments are distributed as VirtualBox VMs; you are expected to be able to setup and run these VMs.

If you do not have access to your own laptop / desktop, you should approach the instructor within the first week of the course. Note that there are student labs on campus.


Who should take this class?

Students interested in computer security. We assume basic familiarity with mathematical proofs, elementary number theory (e.g. the concept of groups), OS concepts (processes, virtual memory), basic automata theory (finite state machines), and the C programming language.

The class is designed to be somewhat self-paced and self-taught; all graded assignments are done at home.

The IVLE forum is your best friend --- if you get stuck, ask questions and exchange ideas freely on the forum or consult the web. The instructor and TAs will *not* help debug your code, or tell you how to overcome technical difficulties.



Please see IVLE. All waiver requests are handled solely by CS curriculum committee (email cs-curriculum the-at-symbol

Note on Ethics

In this class, you will be exposed to several powerful attack techniques. This class is not an invitation exploit vulnerabilities in the wild without informed consent of all involved parties. Attacking someone else's computer system is an offence; you are expected to use your knowledge with discretion.

There is no restriction on your communication with other students. We follow an honor code: You are expected to do your homeworks and exams independently. Collaboration is restricted to gaining knowledge of concepts, but answers to assignment questions are expected to reflect your own work. Violations of the honor code tantamounts to academic dishonestly, which are dealt with in accordance with NUS academic policies.