Prereq.: 6.1020 and 6.1800
Design and implementation of secure computer systems. Lectures cover attacks that compromise security as well as techniques for achieving security, based on recent research papers. Topics include operating system security, privilege separation, capabilities, language-based security, cryptographic network protocols, trusted hardware, and security in web applications and mobile phones. Labs involve implementing and compromising a web application that sandboxes arbitrary code, and a group final project.
Lectures will be held TR 2:30-4 in 26-100.
6.5660 is primarily intended for seniors, M.Eng., and PhD students who want to learn about how to build secure computer systems in detail. 6.5660 counts as a systems TQE subject.
We will distribute assignments and announcements on the course web site. We expect students to check the 6.5660 schedule and piazza frequently. If you hear a rumor, check it there.
Grades in 6.5660 will be based on the results of two quizzes (one in the middle of the term and one in final's week, 35% in total), labs 1-4 (35%), lab 5/final project (20%), and class participation and homeworks (e.g., lecture question and reading answer) (together 10%). We expect students to attend the two quizzes at the time/location posted on the schedule.
Lab exercises will be graded on the correctness based on both the lab assignment and whether they fulfill the specifications imposed by the grading/checking scripts. Grading will be done with a staff-version of the Makefile and grading scripts, so you should pass all the tests without any modifications to those files.
You are required to turn in each lab; if you have not turned in all of the labs, you will receive an F. Labs that are turned in but score 0 points will receive a D.
Labs are due by 5pm on their due date (typically Friday).
You have a total of 72 late hours to use throughout the semester, allocated greedily. After you have used up your late hours, each additional day late will incur a full letter grade penalty. Saturday and Sunday both count as days. (Late days are tracked automatically, so you don't need to email before using one.)
You may not collaborate on quizzes. You are welcome to discuss the labs with other students, but you should complete all assignments on your own, and you should carefully acknowledge all contributions of ideas by others, whether from classmates or from sources you have read. Final projects will be in groups, where you should collaborate.
You'll learn how to attack computer systems in this class in order to better understand how to design defenses. Please don't attack other people's computers or information without their prior permission. As well as being a bad idea, it may be illegal or a violation of MIT network rules and can get you into serious trouble. Don't do it.
|Srini Devadas||devadas at csail.mit.edu||32-G844|
|Nickolai Zeldovich||nickolai at csail.mit.edu||32-G994|
|Anish Athalye||aathalye at mit.edu|
|Ben Kettle||bkettle at mit.edu|
|Richard Liu||rtliu at mit.edu|
|Ariel Szekely||arielck at mit.edu|
|Michael Wang||mi27950 at mit.edu|
TA office hours
Course mailing list:
Use this mailing list to contact all the 6.5660 staff.