Module Information
The objective of this course is to provide a broad understanding of computer security with some in depth discussions on selected topics in system and network security. This course covers the following topics: intrusion detection, DNS security, electronic mail security, authentication, access control, buffer overflow, memory and stack protection, selected topics in application security, for instance, web security, and well-known attacks
~ Taken from NUSMods
Schedule
I took this module in AY20/21 Semester 2.
- Venue: Online Classroom
- Lecture Time: Tuesday 8am to 10am (Online)
- Tutorial Time: Thursday 2pm to 3pm (Physical)
- Lecturer: Prof. Prateek Saxena
Module Breakdown
- 10 Lecture Homework 40%
- Midterm Exams 30%
- Coding Project 30%
There are no finals exams in this module.
Prerequisites
- CS2105
- CS2106
- CS2107
Module Details
This module teaches the fundamentals of computer security. It covers the following topics:
- Threat Models
- Network Attacks
- Secure Channels
- Cryptography Basics
- Symmetric Key Cryptography
- Public Key Cryptography
- Integrity
- Key Exchange Protocols
- HTTPS
- Web Authentication
- Authorization
- Web Attacks
- System Security
Lectures
As this was conducted during the COVID-19 pandemic, all lectures were conducted online. The lectures were conducted using Zoom. Webcasts were also provided for students who are unable to attend the lectures.
The lectures were very interesting and engaging. Prof. Prateek encourages us to ask questions during the lecture and he will answer them on the spot.
Tutorials
As with all other tutorials, it starts from week 3. Instead of running the tutorial online, the tutorial was conducted physically in the classroom. We were required to wear our masks and sit 1m apart from each other. There were also attendance taking for contact tracing purposes.
The tutorials were very fun, the tutor was very engaging and the tutorial questions were very interesting.
Lecture Homework
The assignment is a solo assignment that is done almost every week. There were 10 assignments in total.
It is conducted in the form of a quiz on LumiNUS. It consists of MCQ and short answer questions. The questions are based on the lecture content and the lecture notes.
Midterm Exams
The Midterms are open book and are conducted in terms of a quiz on LumiNUS. Topics for Midterms are as follows:
- Network Attacks and Firewall
- Cryptography Basics
- SSL/TLS/HTTPS
- Failures and insufficiencies of Secure Channels
Coding Project
This is a group project in groups of 2 assigned randomly. The coding project consists of 3 parts:
- Web Security “CTF”
- System Security “CTF”
For the web security part, you will be given 5 mini assignments within the VM to attack and you will have to find the vulnerabilities in the website and exploit them to get the flag.
We will need to do a writeup for each of the websites with our POC. There was an online judge that automatically checks our POC and gives us the flag if it is correct.
Ratings
Workload (4/10)
The workload is very manageable for me. The topics taught were previously taught in CS2107.
Organization (8/10)
The module is very well organized. The lecture notes are very well written and the lecture slides are very clear. Prof. Prateek is also very engaging.
Enjoyment (9/10)
This is one of my favorite modules that I have taken in NUS. I’ve enjoyed learning the different concepts in computer security and the CTF style assignments.
Usefulness (8/10)
Thinking in terms of threat models and how to secure your system is very important. It also puts all the security concepts that you have learnt in CS2107 into perspective and what they defend against.
Overall (8/10)
This is one of my favorite modules that I have taken in NUS. I loved the CTF style assignments and the lectures were very interesting.
- Expected Grade: A
- Actual Grade: A+