Skip to content

phonedude/cs595-s22

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ODU CS 495/595 Web Security, Spring 2022.

Instructor: Michael L. Nelson mln@cs.odu.edu

Office Hours: Mondays 6-7 and by appointment

Time: Mondays 7:10pm - 9:50pm

Place: online to start the semester -- contact mln@cs.odu.edu for the Zoom URL. We'll consider moving to a hybrid format (in room ECSB 2120) as the pandemic allows.

Syllabus

Class Email list: https://groups.google.com/group/cs595-s22

CRNs: 31657 (495) and 31659 (595)

Course Objectives

The goal of this course is to review common web security vulnerabilities and exploits, as well as their corresponding defenses. There is an inherent tension between "web as simple document reader" and "web as application environment", and as the functionality of the web ecosystem increases, so do the vulnerabilities.

General concepts that students will learn: principles of web security, attacks and countermeasures, the browser security model, web app vulnerabilities, injection, denial-of-service, TLS attacks, privacy, fingerprinting, same-origin policy, cross site scripting, authentication, JavaScript security, emerging threats, defense-in-depth, techniques for writing secure code, web archiving, rehosting.

Specific technologies that students will learn: Git/GitHub, DOM/Javascript, CLI, Node.js, Twitter, Youtube.

Course Inspiration

This course is based on CS 253 Web Security, Stanford, Fall 2019. Special thanks to Feross Aboukhadijeh for generously sharing his course materials (although any errors are mine).

Class Schedule (subject to change; slides will be updated prior to class)

Assignments (subject to change)