Computer systems security

This course makes use of Athena, MIT's UNIX-based computing environment. OCW does not provide access to this environment.

Lectures: 2 sessions / week, 1.5 hours / session

6.033 Computer System Engineering

6.858 Computer Security studies the design and implementation of secure computer systems. Lectures cover threat models, attacks that compromise security, and techniques for achieving security, based on recent research papers. Topics include operating system (OS) security, capabilities, information flow control, language security, network protocols, hardware security, and security in web applications. Assignments include labs that involve implementing and compromising a secure web server and web application, and a group final project.

6.858 is primarily intended for seniors and Masters of Engineering students who want to learn about how to build secure computer systems in detail. Ph.D. students are also welcome. Students can use 6.858 to fulfill the engineering concentration requirements for Computer Systems.

Each lecture will cover a paper in systems security. Read the paper before lecture, and submit by 10PM the night before:

We'll discuss the paper in class. Please interrupt, ask questions, and point out mistakes.

There will be two quizzes during our regular lecture time slot. No "final exam" during finals week; second quiz near end-of-term.

There are 6 labs and a final project in this course. Labs will look like real-world systems, in some respects: There are many interacting parts written in different languages. We'll look at / write x86 asm, C, Python, Javascript, etc…

There will be a final project at the end of the course (groups of 3–4 people), and presentations during the last week of class. Think of projects you'd like to work on as you're reading papers. Either attack or defense-oriented projects are possible. It is ok to combine this project with other class projects or your own research.

Lab exercises will be graded on the correctness based on both the lab assignment and whether they fulfill the specifications imposed by the grading / checking scripts. Grading will be done with a staff-version of the Makefile and grading scripts, so you should pass all the tests without any modifications to those files.

You are required to turn in each lab; if you have not turned in all of the labs, you will receive an F. Labs that are turned in but score 0 points will receive a D. You have a total of 72 late hours to use throughout the semester. After you have used up your late hours, each additional day late will incur a full letter grade penalty. Saturday and Sunday both count as days. (Late days are tracked automatically, so you don't need to email before using one.)

You may not collaborate on quizzes. You are welcome to discuss the labs with other students, but you should complete all assignments on your own, and you should carefully acknowledge all contributions of ideas by others, whether from classmates or from sources you have read. Final projects will be in groups, where you should collaborate.

You will learn how to attack systems so that you know how to defend them. Just because something is technically possible, doesn't mean it's legal.

Don't show me this again

This is one of over 2,200 courses on OCW. Find materials for this course in the pages linked along the left.

MIT OpenCourseWare is a free & open publication of material from thousands of MIT courses, covering the entire MIT curriculum.

No enrollment or registration. Freely browse and use OCW materials at your own pace. There's no signup, and no start or end dates.

Knowledge is your reward. Use OCW to guide your own life-long learning, or to teach others. We don't offer credit or certification for using OCW.

Made for sharing. Download files for later. Send to friends and colleagues. Modify, remix, and reuse (just remember to cite OCW as the source.)

Learn more at Get Started with MIT OpenCourseWare