Overview
|
This course provides a graduate-level introduction to computer and network security. Students successfully completing this class will be able to evaluate works in academic and commercial security, and will have rudimentary skills in security research. The course begins with a tutorial of the basic elements of cryptography, cryptanalysis, and systems security, and continues by covering topics in a wide range of security areas.
Topics covered include network security, authentication, security protocol design and analysis, security modeling, trusted computing, key management, program safety, intrusion detection, DDOS detection and mitigation, architecture/operating systems security, security policy, group systems, biometrics, web security, and other emerging topics. A detailed list of lecture by lecture contents, assignments, and due dates (subject to change as semester evolves) is available on the course schedule.
Most of the course readings will come from seminal papers in the field. Links to these papers will be provided on the course pages. In addition, the following book will be used for readings and as additional reference material.
- Kaufman, C., Perlman, R. and Speciner, M., Network Security: Private Communication in a Public World, 2nd edition, Prentice Hall 2002.
Grading
The course will be graded on exams, a course project, and class participation in the following proportions:
| 40% | Course Projects |
| 20% | Mid-term Exam |
| 30% | Final Exam |
| 10% | Class Participation and quizzes |
Course Projects
There will be four programming assignments (each worth 10%) of the final grade. The assignments will require students to develop software that performs some security relevant function. Assignments will be graded on correctness, clarity of design, and documentation (e.g., comments and READMEs). The details of the projects will be made in class and through handouts made available on the course website.
Policy: All course projects are to be carried out individually. Students are explicitly not allowed to share information, source code, or even discuss the contents of the projects. Students are also forbidden from copying code from the Internet. No source code should be used as guideline, examples, or templates for a project--this is considered copying. Any violation of these policies will be considered a violation of ethical conduct (cheating) and will result in the student being removed from the class and assigned an 'F' grade. There will be no exceptions given for any reason whatsoever.
Class Participation
Course lectures will be driven the contents of assigned papers. However, students are going to be required to participate in discussions of the paper content during each lecture. Hence, the students ability to exhibit comprehension of papers is essential to a passing grade.
Lateness Policy
Assignments are assessed a 10% per-day late penalty, up to a maximum of 4 days. Unless the problem is apocalyptic, don't give me excuses. Students with legitimate reasons who contact the professor before the deadline may apply for an extension.
Ethics Statement
This course covers topics in personal and public privacy and security. As part of this investigation we will explore technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class.
Any instance of sharing or plagiarism, copying, cheating on tests, or other disallowed behavior will constitute a breach of ethics and will result in dismissal from the class with a failing grade.
Students are responsible for reporting any violation of these rules by other students, and failure to constitutes a ethical violation that carries with it similar penalties.
When in doubt, please contact the course professor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from Professor McDaniel.
Course Updates
[04/08/2011] I have put up a preliminary website for the CSE543 course. More details about the course content will be provided over the coming months.
[08/03/2011] Assignment #1 has been updated to provide a couple of key details on the project. You can get the new assignment sheet on the course schedule.
[08/04/2011] The couse schedule has been filled in and largely completed. Please review the course schedule webpage for more detail.
[10/04/2011] Assignment #2 is now available. You can get the assignment sheet on the course schedule page0.
[10/16/2011] Assignment #3 is now available. You can get the assignment sheet on the course schedule page.
[11/01/2011] Assignment #4 is now available. You can get the assignment sheet on the course schedule page.