Instructor Patrick McDaniel (mcdaniel 'at' cse.psu.edu)
Location IST 223B
Meeting Times W 5:00-8:00pm
Credits 3
Office Hours by appointment

This course provides a graduate-level introduction to computer and network security. Students successfully completing this class will be able to evaluate works in academic and commercial security, and will have rudimentary skills in security research. The course begins with a tutorial of the basic elements of cryptography, cryptanalysis, and systems security, and continues by covering topics in a wide range of security areas.

Topics covered include network security, authentication, security protocol design and analysis, security modeling, trusted computing, key management, program safety, intrusion detection, DDOS detection and mitigation, architecture/operating systems security, security policy, group systems, biometrics, web security, and other emerging topics. A detailed list of lecture by lecture contents, assignments, and due dates (subject to change as semester evolves) is available on the course schedule.


The course will be graded on course projects and class participation in the following proportions:

90% Course Projects
10% Class Participation

Course Projects

The projects will require students to develop presentations that describes some security relevant research. Projects will be graded on correctness, clarity, and effort. The details of the projects will be made in class.

Class Participation

Course lectures will be driven the contents of assigned papers. However, students are going to be required to participate in discussions of the paper content during each lecture. Hence, the students ability to exhibit comprehension of papers is essential to a passing grade.

Lateness Policy

Assignments are assessed a 10% per-day late penalty, up to a maximum of 4 days. Unless the problem is apocalyptic, don't give me excuses. Students with legitimate reasons who contact the professor before the deadline may apply for an extension.

Ethics Statement

This course covers topics in personal and public privacy and security. As part of this investigation we will explore technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class.

Any instance of sharing or plagiarism, copying, cheating on tests, or other disallowed behavior will constitute a breach of ethics and will result in dismissal from the class with a failing grade.

Students are responsible for reporting any violation of these rules by other students, and failure to constitutes a ethical violation that carries with it similar penalties.

When in doubt, please contact the course professor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from Professor McDaniel.

Course Updates

[08/29/2014] I have put up a preliminary website for the CSE543 course with initial schedule.