CSE598a/544 - Advanced Systems Security

Instructor Prof. Patrick McDaniel (mcdaniel 'at' cse.psu.edu)
Location 333 IST
Meeting Times T-TH 2:30am-3:45pm
Credits 3
Office Hours by appointment


This course provides a review of the theoretical and applied topics in systems security. Students satisfactorily completing the course will be able to formulate a security model, and apply cryptography, protocol design, and emergent systems security technologies to meet the requirements of that model. An extension of the CSE543 (a prerequisite), will consider important works in applied cryptography, formal analysis, intrusion detection, storage security, and other topics. This course will require the formulation, execution, and documentation of novel research in network security. The result of this effort will be a conference style paper.

A detailed list of a lecture by lecture contents, assignments, and due dates (subject to change as semester evolves) is available on the course schedule.


The course will be graded on exams, a course project, and class participation in the following proportions:

30% Presentations
20% Class Participation
50% Course Project


Each student will be required to present a 40 minute lecture style presentation on one of the course papers at least twice during the semester. Students will be required to provide the professor slides for the presents at least 24 hours before the course meeting. Note that All slide material must generated by the students themselves. Any use of external material will be considered an act of plagiarism, and will be treated as such. Failure to adhere to these guidelines will result in the student recieving a failing grade in the course.

Course Project

The course project requires the student execute some limited research in security. The chief product of the project will be a conference style paper. Project topics will be discussed in class after the introductory material is completed. Be realistic about what can be accomplished in a single semester. However, the work should reflect real thought and effort. The grade will be based on the following factors: novelty, depth, correctness, clarity of presentation, and effort.

Project teams may include groups of up to two students, though single authored works are strongly preferred. I will advise each team/individual independently as needed. The project grade will be a combination of grades received for a number of milestone artifacts and the final project writeup. Details of the milestones and content will be given in class with the other project details (see schedule).

Class Participation

This course is essentially a paper course. That is, the lectures will be driven the contents of the papers. However, students are going to be required to participate in discussions of the paper content during each lecture. Hence, the students ability to exhibit comprehension of papers is essential to a passing grade. This will be closely monitored by the course instructor.

Required Texts

Most of the course readings will come from seminal papers in the field. Links to these papers will be provided on the course pages as the assignments are made.

Ethics Statement

This course considers topics involving personal and public privacy and security. As part of this investigation we will cover technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class.

When in doubt, please contact the instructor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from Professor McDaniel.

CSE544 (Spring 2007)