Computer Security

INFR10067: Computer Security is a Level 10 course given in Semester 1 worth 20 credits. See the Course Catalogue entry.

Mondays10:00-10:50amG.03, 50 George Square
Tuesdays11:10-12:00LHB, David Hume Tower Lecture Theatres, George Square
Thursdays10:00-10:50amLecture Theater 1, Appleton Tower

The course lecturers are Myrto Arapinis and Kami Vaniea

Lecture Slides

Slides will be added below as we go along. The slides from last year will give a good idea about what's coming up. Readings are optional. Unless otherwise noted, readings are from the recommended textbook Security In Computing.

1.    19 Sept. Introduction to the course
  • Slides: PDF
  • Reading:
    • Chapter 1.1: Fundamental Concepts
2. 20 Sept. Cyber Essentials Scheme
3. 22 Sept. Network and internet vulnerabilities
4. 26 Sept. Network protections
5. 27 Sept. Networking and privacy
6. 29 Sept. Usable security
7. 3 Oct. Usable security
8. 4 Oct. Cryptography - Introduction
  • Slides: PDF
  • Reading:
    • Chapter 8.1.1: Attacks
    • Chapter 8.1.2: Substitution ciphers
9. 6 Oct. Cryptography - Stream ciphers
  • Slides: PDF
  • Reading:
    • Chapter 8.1.3: One-time pads
    • Chapter 8.1.4: Pseudo-random number generators
10. 10 Oct. Cryptography - Block ciphers
  • Slides: PDF
  • Reading:
    • Chapter 8.1.6: The Advanced Encryption Standard (AES)
    • Chapter 8.1.7: Modes of operation
    • Chapter 8.5.1: Details for AES
11. 11 Oct. Cryptography - Hashes and MACs
  • Slides: PDF
  • Reading:
    • Chapter 8.3: Cryptographic hash functions
12. 13 Oct. Cryptography - Asymmetric ciphers
  • Slides: PDF
  • Reading:
    • Chapter 8.2: Public-key cryptography
13. 17 Oct. Cryptography - Digital signatures
  • Slides: PDF
  • Reading:
    • Chapter 8.4: Digital signatures
14. 18 Oct. Public Key Infrastructure
15. 20 Oct. Cryptographic protocols - Introduction
16. 24 Oct. (More) cryptographic protocols
17. 25 Oct. Guest lecture, Petros Wallden (UoE) - Cryptography in a quantum world
18. 27 Oct. Cryptographic protocols - the TLS protocol
19. 31 Oct. Cryptographic protocols - anonymous communications
20. 1 Nov. Cryptographic protocols - anonymous communications
21. 3 Nov. Passwords
22. 7 Nov. Overview of how websites work
  • Slides: PDF
  • Reading:
    • Chapter 7.1: The World Wide Web
23. 8 Nov. Server-side attacks: injection attacks
  • Slides: PDF
  • Reading:
    • Chapter 7.3: Attacks on Servers
24. 10 Nov. Client-side attacks: CSRF and XSS attacks
  • Slides: PDF
  • Reading:
    • Chapter 7.2: Attacks on Clients
25. 14 Nov. Guest lecture, Kit Patterson (KAL) - Security in the ATM world
26. 15 Nov. Client-side attacks: CSRF and XSS attacks
  • Slides: PDF
  • Reading:
    • Chapter 7.2: Attacks on Clients
27. 17 Nov. Client-side attacks: CSRF and XSS attacks
  • Slides: PDF
  • Reading:
    • Chapter 7.2: Attacks on Clients
28. 21 Nov. Buffer overflow attacks
  • Slides: PDF
  • Reading:
    • Chapter 3.1: Operating Systems Concepts
29. 22 Nov. Guest lecture, Scott F. Alexander (J. P. Morgan)
30. 24 Nov. Buffer overflow attacks
  • Slides: PDF
  • Reading:
    • Chapter 3.4: Application Program Security
31. 28 Nov. Guest lecture, Georgios Panagiotakos (UoE): Bitcoin
32. 29 Nov. Revision lecture
33. 29 Nov. Revision lecture

These are lecture slides, not comprehensive notes. You should supplement the slides with notes taken in lectures, and from your own reading. References and specific reading recommendations are given in slides, further guidance is given in lectures. The examinable material consists of what is covered in lectures, tutorials and practicals (unless specifically excluded) and the reading recommended in lectures.

Course resources

Tutorials and Labs

Update: Tutorials now start in week 4. Tutorials and labs are interleaved. If you were at the week 3 Monday tutorial you do not need to attend tutorial in week 4 as we will be going over the same content.


There are worksheets for the tutorials and labs which will be issued beforehand. You should try each worksheet before the tutorial meeting.

Doodle poll to sign up for tutorials

The following tutorial groups exist.
  • Mondays 12:00-13:00 in Forest Hill 3.D01
  • Tuesdays 9:00-10:00 in Forest Hill 3.D01
  • Wednesdays 11:00-12:00 Forest Hill in 3.D01
  • Fridays 10:00-11:00 in Forest Hill 3.D01
  1. Week 4 - Tutorial 1
  2. Week 5 - Lab 1
  3. Week 6 - Tutorial 2 - Solutions
  4. Week 7 - Lab 2
  5. Week 8 - Tutorial 3 - Solutions
  6. Week 9 - Lab 3
  7. Week 11 - Lab 4
Tutorials are based on question sheets which you should use to help guide your own study for the course. Solutions will be issued a while after the question sheets so you can measure your progress. There is not enough time to cover all topics; you should aim to cover remaining topics to a similar depth of knowledge.

Coursework Exercises

There are two assessed coursework exercises, each worth 12.5% of the final mark.

Exams

  • Past papers are on the ITO pages.
    The only solutions available are those already published.
    Older exams include questions on "BAN logic" which has since been removed from the syllabus.



Documents above are in PDF format. Comments, suggestions, corrections are welcomed.
To print course materials, make sure your PDF reader has the correct page size and orientation.

Copyright: except where stated, lecture notes and other course materials are Copyright (C) School of Informatics, University of Edinburgh, and respective authors. Lecture slides prepared by David Aspinall and Myrto Arapinis with additions by Mike Just and Julian Bradfield.
Please respect our rights over this material and contact us if you want to use it in another context.


Home : Teaching : Courses 

Informatics Forum, 10 Crichton Street, Edinburgh, EH8 9AB, Scotland, UK
Tel: +44 131 651 5661, Fax: +44 131 651 1426, E-mail: school-office@inf.ed.ac.uk
Please contact our webadmin with any comments or corrections. Logging and Cookies
Unless explicitly stated otherwise, all material is copyright © The University of Edinburgh