CSE 227

Graduate Computer Security

CSE 227: Graduate Computer Security, Imani Munyaka, PhD

About

This course focuses on computer security, exploring a range of topics – from systems security, to web security, edge security, and privacy – to illustrate some of the modern research challenges in the area and the standards for advancement. It is not designed to be a tutorial course, but rather to give students the context to understand current security research and evaluate their interest in the field. The course will examine both the defensive and offensive side of the field. At the conclusion of the course, the students will have the foundation to conduct research in computer security and to apply the latest security research to a particular area of practice.

Lectures:
Tuesday and Thursday, WLH 2204, 11am
Staff:
Instructor: Imani Munyaka, PhD drmunyaka@ucsd.edu
Teaching Assistant: Mya Bolds mbolds@ucsd.edu
Office hours:
Dr. Munyaka: Use the link provided on Canvas to schedule
Class discussion:
[Piazza]

Syllabus

Calendar and Readings

Course Schedule

Tue Jan 6 2026: Introduction

Thu Jan 8 2026: Low-level vulnerabilities and defenses

  • Reading:
  • Presenter: Name, [slides] (https://docs.google.com/presentation/d/1W6a7pY-LNcnke8IsJcQo3Y1IVK8QpMPSdfoJ9uGA0UQ/edit?usp=sharing)

Tue Jan 13 2026: Low-level vulnerabilities and defenses

Thu Jan 15 2026: Low-level vulnerabilities and defenses

Tue Jan 20 2026: Design Principles

Thu Jan 22 2026: Usable Security

Tue Jan 27 2026: OS security

Thu Jan 29 2026: OS security

Tue Feb 3 2026: OS security

Thu Feb 5 2026: Web-server security

Fri Feb 6 2026: Status update (Project Plan)

Tue Feb 10 2026: Web-server security

Thu Feb 12 2026: Web-server security

Fri Feb 13 2026: Status update (Project Plan Update)

Tue Feb 17 2026: Privacy, Wireless, Accessibility, Differential Privacy (Async due to illness)

Thu Feb 19 2026: Hardware security (Virtual)

Fri Feb 20 2026: Status update (Project Plan Update)

Tue Feb 24 2026: LLM attacks

Thu Feb 26 2026: Hardware security

Fri Feb 27 2026: Status update (Project Paper Outline)

Tue Mar 3 2026: LLM defenses

Thu Mar 5 2026: Final presentations

Fri Mar 6 2026: Status update (Project Paper Draft for Peer review)

Tue Mar 10 2026: Final presentations

Thu Mar 12 2026: MS Comprehensive exam/NO CLASS

Fri Mar 13 2026: Status update (Project Paper Draft Peer review Due)

Tue Mar 17 2026: Final Project Paper Due

Evaluation

Since the primary goal of this course is to prepare you to do research, the evaluation for this course is simple: (1) class participation and (2) research project.

Participation (35%)

You are expected to read the assigned paper(s) before each meeting, provide a 1-paragraph write-up, and present 1 of the assigned papers. In class we will discuss the interesting parts of the paper(s). You are expected to do any background reading on your own and come prepared with questions and an evaluation of the paper when you are the presenter and when you are not. Click here for a slide template you can use.

Research project (65%)

You will work on projects in groups of 3-5. The goal of the project is to conduct original research in security. You are encouraged to come up with your own project idea, but we have a few ideas that are well-scoped for a quarter project.

At the end of the quarter, you are expected to turn in a short research paper (6-10 pages) and give a 7-10 minute talk. We will have periodic status updates to help you stay on track.

Comprehensive exam

If you are a MS student taking the comprehensive exam, your comprehensive exam will not count towards your final grade.

Project ideas

Take a look at Stefan’s list of project ideas and Deian’s list. I am a usable privacy and security researcher so the list I am providing below fills this gap with questions to get you started:

  • Literature review: I will accept SOK papers in this course. The requirement here is that you must use some NLP/mixed methods technique to do your analysis. This course is 10 weeks and not nearly enough time to read all the papers.
  • Privacy pop-ups and the end user response
  • Security analysis of the free tools provided to track flights
  • How have AI privacy notices and terms changed over the last few years? What has impacted them?
  • How are gen AI video creators negotiating privacy?
  • How are everyday social media users negotiating privacy in terms of gen AI and their personal image?
  • How is open source intelligence used on TikTok? What educational initiatives might support those being found?
  • How has gen AI impacted cybercrime? What solutions have prevailed?
  • What can we cyber security professionals learn from physical security professionals?

Hall of fame

List of papers that started out as CSE 227 projects:

  • CoResident Evil: Covert Communications in the Cloud with Lambdas, Anil Yelam, Ariana Mirian, Keerthana Ganesan, Shibani Subbareddy, and Stefan Savage, Proceedings of the Web Conference (WWW), Ljubljana, Slovenia, April 2021.

  • Доверя́й, но проверя́й: SFI safety for native-compiled Wasm, Evan Johnson, David Thien, Yousef Alhessi, Shravan Narayan, Fraser Brown, Sorin Lerner, Tyler McMullen, Stefan Savage, and Deian Stefan, Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2021.

  • Retrofitting Fine Grain Isolation in the Firefox Renderer, Shravan Narayan, Craig Disselkoen, Tal Garfinkel, Nathan Froyd, Eric Rahm, Sorin Lerner, Hovav Shacham, and Deian Stefan, Proceedings of the USENIX Security Symposium, August 2020.

  • Network Reconnaissance and Vulnerability Excavation of Secure DDS Systems, Ruffin White, Gianluca Caiazza, Chenxu Jiang, Xinyue Ou, Zhiyue Yang, Agostino Cortesi, Henrik Christensen, Proceedings of Workshop on Software Security for Internet of Things (SSIoT), June 2019.

  • FaCT: A Flexible, Constant-Time Programming Language, Sunjay Cauligi, Gary Soeller, Fraser Brown, Brian Johannesmeyer, Yunlu Huang, Ranjit Jhala, and Deian Stefan, Secure Development Conference (SecDev), September 2017.

  • On the (In)effectiveness of Mosaicing and Blurring as Tools for Document Redaction, Steven Hill, Zhimin Zhou, Lawrence Saul, and Hovav Shacham, Privacy Enhancing Technologies Symposium, Darmstadt, Germany, July 2016.

  • Fast and Vulnerable: A Story of Telematic Failures, Ian Foster, Andrew Prudhomme, Karl Koscher, and Stefan Savage, Proceedings of the USENIX Workshop On Offensive Technologies (WOOT), Washington D.C., August 2015.

  • Are AES x86 Cache Timing Attacks Still Feasible? (short paper), Keaton Mowery, Sriram Keelveedhi, and Hovav Shacham, Proceedings of the Cloud Computing Security Workshop (CCSW), October 2012.

  • When Good Services Go Wild: Reassembling Web Services for Unintended Purposes, Feng Lu, Jiaqi Zhang, and Stefan Savage, Proceedings of the USENIX Workshop on Hot Topics in Security, Bellevue, WA, August 2012.

  • Heat of the Moment: Characterizing the Efficacy of Thermal Camera-Based Attacks, Keaton Mowery, Sarah Meiklejohn, and Stefan Savage, Proceedings of the USENIX Workshop On Offensive Technologies (WOOT), San Francisco, CA, August 2011.

  • Extracting Device Fingerprints from Flash Memory by Exploiting Physical Variations, Pravin Prabhu, Ameen Akel, Laura Grupp, Wing-Kei Yu, G. Edward Suh, Edwin Kan, and Steven Swanson, Proceedings of the 4th International Conference on Trust and Trustworthy Computing (TRUST), Pittsburgh, Pennsylvania, June 2011.

  • Privacy-preserving Network Forensics, Mikhail Afanasyev, Tadayoshi Kohno, Justin Ma, Nick Murphy, Stefan Savage, Alex C. Snoeren, and Geoffrey M. Voelker, Communications of the Association for Computing Machinery 54(5), May 2011.

  • Got Traffic? An Evaluation of Click Traffic Providers, Qing Zhang, Thomas Ristenpart, Stefan Savage, and Geoffrey M. Voelker, Proceedings of the WICOM/AIRWeb Workshop on Web Quality (WebQuality), Hyderabad, India, Mar 2011.

  • Neon: System Support for Derived Data Management, Qing Zhang, John McCullough, Justin Ma, Nabil Schear, Michael Vrable, Amin Vahdat, Alex C. Snoeren, and Geoffrey M. Voelker, Proceedings of the ACM International Conference on Virtual Execution Environments (VEE), Pittsburgh, PA, March 2010.

  • When Good Instructions Go Bad: Generalizing Return-Oriented Programming to RISC, Erik Buchanan, Ryan Roemer, Hovav Shacham, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security (CCS), Alexandria, VA, October 2008, pages 27-38.

  • Reconsidering Physical Key Secrecy: Teleduplication via Optical Decoding, Benjamin Laxton, Kai Wang, and Stefan Savage, Proceedings of the ACM Conference on Computer and Communications Security (CCS), Alexandria, VA, October 2008, pages 469-77.
