CSE543 - Computer and Network Security
Overview
|
 |
This course provides an introduction to computer and network security. Students successfully completing this class will be able to evaluate works in academic and commercial security, and will have rudimentary skills in security research. The course begins with a tutorial of the basic elements of cryptography, cryptanalysis, and systems security, and continues by covering a number of seminal papers and monographs in a wide range of security areas.
Topics covered include network security, authentication, security protocol design and analysis, security modeling, trusted computing, key management, program safety, intrusion detection, DDOS detection and mitigation, architecture/operating systems security, security policy, group systems, biometrics, web security, and other emerging topics. A detailed list of lecture by lecture contents, assignments, and due dates (subject to change as semester evolves) is available on the course schedule.
Most of the course readings will come from seminal papers in the field. Links to these papers will be provided on the course pages. In addition, the following book will be used for readings and as reference material.
- Kaufman, C., Perlman, R. and Speciner, M., Network Security: Private Communication in a Public World, 2nd edition, Prentice Hall 2002.
Grading
The course will be graded on exams, assignments, a final course project, and class participation in the following proportions:
| 30% | Course Research Project |
| 20% | Assignments |
| 15% | Mid-term Exam |
| 25% | Final Exam |
| 10% | Class Participation |
Assignments
The instructor will assign homework assignments on a periodic basis for topics associated with the class assignments. These homeworks require the students to write, program, or perform other basic research. The content and due dates of these assignments will be decided over the course of the semester. If you cannot attend a lecture, contact other students to see if any assignments have been made and consult the syllabus.
Quizzes may given at the beginning of class and will cover topics from the preceding lecture and readings. It is strongly suggested that students do the reading prior class, as a good percentage of their grade will depend on them. Quizzes missed because of absences can not be made up unless arrangements are made with the instructor prior to the course meeting.
Course Project
The course project requires each student execute a limited research project in security. The chief product of the project will be a conference style paper. Project topics will be discussed in class after the introductory material is completed. Be realistic about what can be accomplished in a single semester. However, the work should reflect real thought and effort. The grade will be based on the following factors: novelty, depth, correctness, clarity of presentation, and effort.
Project teams may include groups of up to two students, though single authored works are strongly preferred. I will advise each team/individual independently as needed. The project grade will be a combination of grades received for a number of milestone artifacts and the final project write-up. Details of the milestones and content will be given in class with the other project details.
Class Participation
Course lectures will be driven by the contents of assigned papers and book chapters. Students are going to be required to participate in discussions of the paper content during each lecture. Hence, the students ability to exhibit comprehension of papers is essential to a passing grade.
Lateness Policy
Assignments and project milestones are assessed a 10% per-day late penalty, up to a maximum of 4 days. Unless the problem is apocalyptic, don't give me excuses. Students with legitimate reasons who contact the professor before the deadline may apply for an extension.
Academic Integrity Policy
Students are required to follow the university guidelines on academic conduct at all times. Students failing to meet these standards will automatically receive a 'F' grade for the course. The instructor carefully monitors for instances of offenses such as plagiarism and illegal collaboration, so it is very important that students use their best possible judgement in meeting this policy. The instructor will not entertain any discussion on the discovery of an offense, and will assign the 'F' grade and refer the student to the appropriate University bodies for possible further action.
Note that students are explicitly forbidden to copy anything off the Internet (e.g., source code, text) for the purposes of completing an assignment or the final project. Also, students are forbidden from discussing or collaborating on any assignment except were explicitly allowed in writing by the instructor.
Ethics Statement
This course considers topics involving personal and public privacy and security. As part of this investigation we will cover technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class.
When in doubt, please contact the instructor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from Professor McDaniel.
CSE543