CS 161: Computer Security

Introduction

CS 161 is UC Berkeley’s undergraduate course in computer security. It provides a comprehensive introduction to cryptography, system security, web security, and network security/architecture. The course emphasizes understanding security principles, identifying vulnerabilities, and designing systems that are resistant to attacks.

Key Topics Covered

1. Cryptography: Symmetric Key Encryption, Public Key Cryptography, Digital Signatures, Hash Functions.

2. System Security: Memory Safety (Buffer Overflows, Use-After-Free), Secure Software Development, Exploits (e.g., Stack Smashing, ROP), Mitigation Techniques (ASLR, Stack Canaries, DEP).

3. Web Security: Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), SQL Injection, Same-Origin Policy.

4. Network Security: Transport Layer Security (TLS), Man-in-the-Middle Attacks, TCP/IP Protocol Analysis, DNS and HTTP Security.

Project 2

Implemented a simplified encryption scheme that provided secure sharing of files across multiple users.

I worked alongside a partner to develop the scheme as well as the test suite using Go. We passed all but 2 test cases putting our score in the 90th percentile of implementations

Security is not a single feature but a mindset integrated into every stage of software development.

Understanding how attackers think is essential for designing effective defenses.

Balancing usability, performance, and security is a constant challenge in system design.

I thoroughly enjoyed the Web Security half of this course because of my interest in Capture The Flag Challenges (CTFs). Project 2 is one of the projects I'm most proud of because it showed me that putting a lot of time and considering into my work will often yield good results.