Related Resources | Computer Systems Security | Electrical Engineering and Computer Science | MIT OpenCourseWare

Course Info

Instructor

Prof. Nickolai Zeldovich

Departments

Electrical Engineering and Computer Science

As Taught In

Fall 2014

Level

Graduate

Topics

Engineering
- Computer Science
  - Computer Design and Engineering
  - Software Design and Engineering

Learning Resource Types

Exam Solutions

Exams

Lecture Notes

Lecture Videos

Projects with Examples

Download Course

Related Resources

This section contains external resources related to the material taught in this class.

Cryptography

Schneier, Bruce. Applied Cryptography: Protocols, Algorithms, and Source Code in C. John Wiley & Sons, 1996. ISBN: 9780471117094.
Menezes, van Oorschot, and Vanstone. Handbook of Applied Cryptography. CRC Press. 1996. ISBN: 9780849385230. [Preview with Google Books]
Buchmann, Johannes. Introduction to Cryptography. Springer, 2004. ISBN: 9780387211565. [Preview with Google Books]
Cryptographic libraries:
- KeyCzar by Google.
- GPGME by GnuPG.
- OpenSSL.
- NaCl: Networking and Cryptography library by Tanja Lange and Daniel J. Bernstein.

Control Hijacking Attacks

Smashing The Stack For Fun And Profit, Aleph One.
Bypassing non-executable-stack during exploitation using return-to-libc (PDF) by c0ntex.
Basic Integer Overflows, blexim.
Kernighan, Brain W., and Dennis M. Ritchie. The C programming language. 2nd ed. Prentice Hall, 1988. ISBN: 9780131103627.
Intel Memory Protection Extensions.
Intel 80386 Programmer’s Reference Manual, 1987. Alternatively, in PDF format. Much shorter than the full current Intel architecture manuals below, but often sufficient.
Intel Architecture Software Developer Manuals.

Web Security

Browser Security Handbook, Michael Zalewski, Google.
Browser attack vectors.
Google Caja (capabilities for Javascript).
Google Native Client allows web applications to safely run x86 code in browsers.
Myspace.com - Intricate Script Injection Vulnerability (TXT), Justin Lavoie, 2006.
The Security Architecture of the Chromium Browser (PDF) by Adam Barth, Collin Jackson, Charles Reis, and the Google Chrome Team.
Why Phishing Works (PDF) by Rachna Dhamija, J. D. Tygar, and Marti Hearst.

OS Security

Secure Programming for Linux and Unix HOWTO, David Wheeler.
Setuid demystified (PDF) by Hao Chen, David Wagner, and Drew Dean.
Some thoughts on security after ten years of qmail 1.0 (PDF) by Daniel J. Bernstein.
Wedge: Splitting Applications into Reduced-Privilege Compartments (PDF) by Andrea Bittau, Petr Marchenko, Mark Handley, and Brad Karp.
KeyKOS source code.

Exploiting Hardware Bugs

Bug Attacks (PDF) on RSA, by Eli Biham, Yaniv Carmeli, and Adi Shamir.
Using Memory Errors to Attack a Virtual Machine (PDF) by Sudhakar Govindavajhala and Andrew Appel.

Mobile Devices

iOS security (PDF)

Course Info

Instructor

Prof. Nickolai Zeldovich

Departments

Electrical Engineering and Computer Science

As Taught In

Fall 2014

Level

Graduate

Topics

Engineering
- Computer Science
  - Computer Design and Engineering
  - Software Design and Engineering

Learning Resource Types

Exam Solutions

Exams

Lecture Notes

Lecture Videos

Projects with Examples

Download Course

MIT Open Learning

Over 2,500 courses & materials

Freely sharing knowledge with learners and educators around the world. Learn more

© 2001–2026 Massachusetts Institute of Technology

Accessibility

Creative Commons License

Terms and Conditions

Proud member of:

© 2001–2026 Massachusetts Institute of Technology