|Teaching Assistants:||Thanassis Avgerinos and Sang Kil Cha|
This is a breadth course that introduces common notions in computer security. We cover cryptography as applied in modern systems, network security, operating system security, and software security.
For each topic covered, students should be able to answer "What constitutes security regarding this topic?". In particular:
- Describe the desired security properties.
- Describe common attacks.
- Gain experience through homework working with primitives commonly found in practice
Computer Security: Principles and Practice by William Stallings and Lawrie Brown. We may also have additional assigned readings that are available freely on the web.
|David Brumley||By appointment.|
|Thanassis Avgerinos||Thu. 4.30~5.30pm|
|Sang Kil Cha||Tue. 5~6pm|
- 15-251 (we will use probabilities and basic number theory)
- 15-213/18-243 (we will assume you have done a basic buffer overflow and know some x86 assembly.)
- Skills in operating systems and programming languages (C and Java). Programming assignments will be graded in a UNIX environment. It is up to the student to make sure the assignment can be run to grade.
- 89.5-100: A
- 79.5-89.4: B
- 69.5-79.4: C
- 59.5-69.4: D
- < 59.4: F
- 30% Homework
- 30% Midterm
- 40% Final
Exceptional work will be rewarded as appropriate.
No late days.
The course staff will treat all students ethically and fairly. We, in turn, expect the same from all students.
Any lapse in ethical behavior will immediately result in -1,000,000 points, as well as be immediately reported to the appropriate university disciplinary unit. Really. Even if you just have to pass the class, even if you didn't know it was cheating or plagiarism, and even if it will never happen again. Prof. Brumley is very, very tough and intolerant of cheating, plagiarism, or unethical behavior.
The university policy on cheating and plagiarism is available here. Note that the policy gives several examples of what constitutes cheating/plagiarism. If you have any questions, you should contact the instructor.
Please ask the course staff if you have any questions regarding whether a particular behavior is OK or not. In particular:
- Don't break laws or cause a nuisance. This course discussed security-related topics. As such, you will be exposed to ideas and techniques that could be used to break the law. This knowledge does not mean it is OK to break the law or cause a nuisance. Examples of prohibited activities include scanning networks, launching exploits, "testing" the security of a system without explicit permission from all necessary parties, and so on.
- Collaboration. Students are encouraged to talk to each other, to the course staff, or to anyone else about any of the assignments. Assistance should be limited to discussion of the problem and sketching general approaches to a solution. Each student must turn in his or her own solution.