CSE 127 -- Introduction to Computer Security

Notice

Old final from last year is here [PDF]

An example find-the-error proof-of-correctness question: What is wrong with the following code? (Assume that the median_to_front implementation is correct.) 

#define	SSWAP(x,n)	do {if (x[n] > x[n+1]) SWAP(x,n);} while(0)
/* 0 <= nelt < INT_MAX, base[0..nelt-1] valid */
void	quicksort(int	*base,
		  int	nelt)
{
	int pivot, t, hi, lo;

	switch (nelt) { /* base cases */
	case 2: SSWAP(base,0); /* fall through */
	case 0: case 1: return;
	}
	median_to_front(base, nelt); pivot = base[0];
	lo = 1; hi = nelt-1;
	/* base[1..lo-1] <= pivot < base[hi+1,nelt-1] */
	while (lo <= hi) {
		while (lo < nelt && base[lo] <= pivot)
			lo++;
		while (0 <= hi && pivot < base[hi])
			--hi;
		t = base[lo]; base[lo] = base[hi]; base[hi] = t;
	}
	while (0 <= hi && base[hi] == pivot)
		hi--;
	if (0 < hi) quicksort(base,hi+1);
	if (lo < nelt)
		quicksort(base+lo,nelt-lo);
}
Use the concepts of preconditions and postconditions in your analysis.

Course Information

This is the class web page for CSE 127, Introduction to Computer Security. The instructor is Bennet Yee, and the TAs are Matthew Hohlfeld and Eric Liu.

Office Hours
Who Where When
Bennet Yee AP&M 5141 Tue/Thu 2pm-3pm
Matthew Hohlfeld AP&M 3337A Mon/Wed 1pm-2pm
Eric Liu AP&M 2331 Tue/Thu 9am-10am

There is a DISCUS web board for discussions and Q&A.

Handouts

  • First handout [pdf]
  • Code of Ethics [pdf] Note: You must sign and return this form to us in order to receive a grade in this class.
  • Syllabus

    • Brief lecture summaries / addenda

    Below you will find summaries of lectures and addenda to them in reverse chronological order. Note that these pages are not intended to replace note-taking, and are not comprehensive in nature.
  • 2003-03-20: Final Exam, 7pm-10pm, CSB 002.
  • 2003-03-10: Lecture 16
  • 2003-03-05: Lecture 15 Extra Credit project
  • 2003-03-03: Lecture 14
  • 2003-02-26: Lecture 13
  • 2003-02-24: Lecture 12 (handout updated)
  • 2003-02-19: Lecture 11 Assignment 3: Updated!
  • 2003-02-17: No class -- President's day
  • 2003-02-12: Midterm key [PDF]
  • 2003-02-10: Lecture 10
  • 2003-02-05: Lecture 9
  • 2003-02-03: Lecture 8
  • 2003-01-29: Lecture 7 Assignment 2
  • 2003-01-27: Lecture 6
  • 2003-01-22: Lecture 5 Reading assignment
  • 2003-01-20: No class -- MLK Jr univ holiday
  • 2003-01-15: Lecture 4 Assignment 1
  • 2003-01-13: Lecture 3
  • 2003-01-08: Lecture 2
  • 2003-01-06: Lecture 1

    • Links

    These are links additional security-related information. Exploring them is optional unless otherwise stated.
  • San Diego Regional Info Watch. If you have time, consider attending one of their monthly meetings. See the calender for the meeting topics.
  • ATM scam
  • You may wish to attend the townhall meeting for the President's Cyber-Infrastructure Protection Board at the Neural Science Institute on January 28th. The electronic invitation has directions. The talk is open to the public.
  • You should consider applying for the CalIT2 summer research scholarship. See the flyer, and go to the CalIT2 web site for more info.
  • Buffer overflow in Nokia phones
  • Intrusion-detection system vulnerable to buffer-overflow attack
  • Bank PIN theft via internet cafe computers. How would you classify this attack?

    • Recommended References

  • Computer Security: Art and Science, Matt Bishop, Addison Wesley, ISBN 0-201-44099-7.
  • Security in Computing, 3rd ed, Pfleeger and Pfleeger, Prentice Hall, ISBN 0-13-035548-8.
    • [ search CSE | CSE | bsy's home page | links | webster | MRQE | google | yahoo | citeseer | pgp certserver | openpgp certserver ]
    picture of bsy

    bsy+cse127.w03@cs.ucsd.edu, last updated Tue Mar 11 19:25:30 PST 2003. Copyright 2003 Bennet Yee.
    email bsy.

    Don't make me hand over my privacy keys!