Course Description Class Logistics & Grading Topics Important Dates
Instructor: Prateek Saxena (prateeks at comp dot nus dot edu dot sg)
TA: Zhijingcheng (Jason) Yu
TA Email: cs5231.ta at
Timings: Online, Friday 6:30 - 8:30 pm
LumiNUS Page: CS5231
Semester: AY 2020/2021 Semester 1


Course Description

Security breaches cost billions of dollars worth of damage to the computing industry. Attacks are increasingly being perpetrated towards enterprises, individuals, and critical government infrastructure. At the same time, there is increasing use of personalized devices and software that wasn't designed with security and privacy in mind. Have you thought about how secure computer systems could be designed to tackle emerging threats?

In this course, we will study how to analyze and design existing and next-generation systems software. The course covers fundamental concepts of secure systems design and a few advanced research topics.

The goal of this class is for you to:

  • Understand fundamental principles behind secure system design
  • Learn about useful security and privacy technologies.
  • Be able to critically evaluate security architecture of systems

Schedule & Syllabus

The table below lists the schedule of topics.

14 Aug


21 Aug

Network Layer Attacks, Secure Channels (HTTPS)

28 Aug

Practical Limitations of Secure Channels

(Homework 1 out)

4 Sep

Software Vulnerabilities (I)

(Homework 1 due)

11 Sep

Software Vulnerabilities (II)

18 Sep

In-class Quiz (Lec 1-3 content only)

(Homework 2 out)

25 Sep

Recess Week --- No Class

2 Oct

Memory Safety

9 Oct

Isolation and Sandboxing: Policies

16 Oct

Process-Level Isolation and Privilege Separation

(Homework 2 due)

23 Oct

Virtualization and Trusted Execution Environments

30 Oct

In-class Quiz (Lec 4-8 content only)

6 Nov

Privacy: Concepts, Attacks, and Defenses

(Homework 3 out)

13 Nov

Advanced Topics (e.g Security and Privacy for ML systems, Blockchains, etc.)

(Homework 3 due)

Class Logistics & Grading

Please attend the first lecture for more information on grading and other logistical informaton. There will be no final exam, labs or tutorials for this module.

Grade distribution is as follows:

  • In-class Quizzes (40%)
  • Homeworks (60%)

Homeworks can be done in groups of 2 or individually. As per university guidelines, classes will be online only since number of students in the class exceed 50.


Who should take this class?

This is a graduate-level class for students interested in security, both conceptually and operationally. The class is designed to be somewhat self-paced; all graded assignments are done at home. Being a graduate class, you are expected to pick-up and learn new things on your own with help from your friends / teammates and from the web. The LumiNUS forum is your friend. Please ask questions and exchange ideas freely on the forum or consult the web.


The prerequisite is good undergraduate level understanding of computer science and having taken a undergraduate or graduate course in security. Exceptions to prerequisite requirements are allowed with the official permission of the graduate office solely.

Note on Ethics & Academic Honesty

In this class, you may be exposed to computer exploitation techniques. This class is not an invitation exploit vulnerabilities in the wild without informed consent of all involved parties. Attacking someone else's computer system is an offence; you are expected to use your knowledge with discretion. All students must comply with NUS academic honesty policies.

For homework assignments, you should cite any permitted external sources, which include papers at academic conferences, online textbooks available through NUS online / physical library, and resources provided by instructors/TA. The permitted sources are your notes from this class and prior ones you've taken for all assignments and exams. You are not allowed to search the Internet for solutions or seek help from any person outside your team, without prior approval from the instructor for homeworks. If you receive help from someone which has been useful, please acknowledge it in your submission.

All in-class quizzes are to be done completely individually. The quizzes are open-book, but you are not allowed to use any online resources. All communication should go through the instructors.