Skip to content

phonedude/cs595-s21

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ODU CS 495/595 Web Security, Spring 2021.

Instructor: Michael L. Nelson mln@cs.odu.edu

Office Hours: Thursdays 3-4 and by appointment

Time: Thursdays 4:20pm - 7:00pm

Place: online -- contact mln@cs.odu.edu for the Zoom URL.

Syllabus

Class Email list: https://groups.google.com/group/cs595-s21

Course Objectives

The goal of this course is to review common web security vulnerabilities and exploits, as well as their corresponding defenses. There is an inherent tension between "web as simple document reader" and "web as application environment", and as the functionality of the web ecosystem increases, so do the vulnerabilities.

General concepts that students will learn: principles of web security, attacks and countermeasures, the browser security model, web app vulnerabilities, injection, denial-of-service, TLS attacks, privacy, fingerprinting, same-origin policy, cross site scripting, authentication, JavaScript security, emerging threats, defense-in-depth, techniques for writing secure code, web archiving, rehosting.

Specific technologies that students will learn: Git/GitHub, DOM/Javascript, CLI, Node.js, Twitter, Youtube.

Course Inspiration

This course is based on CS 253 Web Security, Stanford, Fall 2019. Special thanks to Feross Aboukhadijeh for generously sharing his course materials (although any errors are mine).

Class Schedule (subject to change)

Assignments (subject to change)