CE 40-441: Data and Network Security

Saturday/Monday 7:30 - 9:00
Room: 103 CE Building

Behnam Momeni
Office Hours:
Wednesday 7:30 - 9:00 (Room 817; Coordinate by Email)
Kavian Amirmozaffari
Farid Zandi
Quick Links:


This is an introductory course about the data and network security. We will cover topics such as system authorization, access control, software vulnerabilities, web server and browser vulnerabilities, fundamental topics in cryptography, privacy concerns and anonymization networks, and security issues in different network layers.

Prerequisites: 40-443 Computer Networks


This course is based on some other courses.


Grading policy is as follows (tentatively):

You should answer to assignments individually (there is no group assignment),



Course Material:

  1. Introduction: The Course Big Picture [SOZI.HTML]
  2. Cyber Security: Problem Overview [PDF]
  3. Control Hijacking Dark Arts [PDF]
  4. Defense Against the Control Hijacking Dark Arts [PDF]
  5. Authorization and System Security [PDF]
  6. Permissions in Linux and Windows [PDF]
  7. Web Browser Security [PDF]
  8. Web Session Security [PDF]
  9. Web Server Security [PDF]
  10. Injection Attacks [PDF]
  11. Content Security Policies (CSP) [PDF]
  12. Searching for Vulnerabilities [PDF]
  13. Privacy [PDF]
  14. Anonymization Network [PDF]
  15. Cryptography — Symmetric [PDF]
  16. Cryptography — Asymmetric [PDF]
  17. OSI Layers Security [PDF]

Keep moving forward :)