15829/1883 Special Topics in Network Security & Software Security

15829/18839 Special Topics in Networking Security & Software Security

Instructor	Dawn Song
Course Home	http://www.ece.cmu.edu/~dawnsong/teaching/f03
Location	Porter Hall, Rm A18B
Meeting Times	Tuesday & Thursday, 3:00 to 4:20 PM

The first day of class will be September 4, because of the CS immigration course.

Instructor	TA
Dawn Song HH D203 http://www.ece.cmu.edu/~dawnsong	James Newsome HH D-level, cube C4 http://www.ece.cmu.edu/~jnewsome

Email address	Purpose
18839-f03-general@lists.andrew.cmu.edu	Questions about subject matter, course policy, grading, etc. (Also see the class discussion board, on blackboard).
18839-f03-summaries@lists.andrew.cmu.edu	Submit reading summaries here.
18839-f03-project@lists.andrew.cmu.edu	Submit project proposals, milestones, and papers here.
18839-f03-announce@lists.andrew.cmu.edu	You should subscribe to this list to receive class announcements. See instructions below.

To subscribe to 18839-f03-announce, send email to majordomo@lists.andrew.cmu.edu, with the text "subscribe 18839-f03-announce" in the body of the email.

Topics Covered in Class (subject to change):

Networking security: secure Internet routing (BGP, OSPF, etc.), Distributed Denial of Services attacks, intrusion detection and anomaly detection, traffic analysis

Secure operating systems & platforms: foundations of secure OS, attacks & defenses (race conditions, root compromise, etc.), Virtual machine monitors, Palladium, TCPA, SE Linux, .net

Secure coding & program analysis: vulnerabilities (buffer overrun, format string bugs, etc.), defenses & analysis tools

Other topics: web security, java security, mobile code securtiy, DRM, software watermarking

Intended Audience:

This class is intended for Ph D. students and students who are interested in computer security research. The prerequisite of this class includes undergraduate networking and operating systems. In this class, we will cover some of the most recent research results in selected areas in networking security and software security. Students are expected to conduct high quality class projects with research contributions and some of the projects may lead to publications in relevant areas.

Class Format:

Each class will involve lecturing and some discussions on related topics. 1 to 3 research papers will be assigned as reading requirements for each class. Reading assignments will be posted to the class web site (blackboard) several days before the class. Students must read the assigned papers before each class and write a short summary to be turned in electronically before class. The summaries should be sent to 18839-f03-summaries@lists.andrew.cmu.edu in plain text format. Each summary should contain a description of the proposed approach in the paper, three particular points you liked about the paper, and three points that you didn't like about the paper. In addition, there will be two discussion leaders assigned for each class. The discussion leader will write a more detailed summary for the assigned paper, and should be familiar with the fine points of the paper for the class discussion. The discussion leader summaries will be made available on the class web site.

A large portion of the class grade will be a research project. Students are encouraged to work in groups of 2 or 3 for this project (although groups of size 1 is allowed when justified). Each group will propose a project that is relevant to the course and perform the corresponding research. At the end of the semester, each group will have a short presentation, and turn in a final report.

Discussion Leader Requirements:

Each discussion leader needs to read all the assigned papers for that lecture. Each discussion leader needs to write up a detailed summary for each of the assigned papers for that lecture. The summary needs to be emailed to dawnsong@cmu.edu and jnewsome@ece.cmu.edu two days before lecture (i.e., for Tue class, the summary is due by Sunday midnight; for Thu class, the summary is due by Tue midnight). The summaries should be in plaintext format and included in the main body of the email. Each summary contains a description of the approach in the paper, three points that you like about the paper, three points that you do not like about the paper, and three discussion questions that you think would be beneficial to discuss in class. Two discussion leaders can work together but need to submit the summaries independently.

Project Documents Requirements:

All documents should be in 11 point font size, single column, single spaced, and submitted in .pdf format. Each group needs to submit the document both by email (to 18839-f03-project@lists.andrew.cmu.edu) before class and submit a hardcopy in class.

Project proposal:
The project proposal should be 3-4 pages long. It needs to include a description about the problem that you are trying to solve, why the problem is important, a preliminary literature search, proposed approach, proposed method for evaluation, and a time plan of the project.

Project milestone:
The project milestone should be 6-7 pages long. It needs to include a detailed description of the problem and motivation, a detailed literature search, proposed approach, preliminary results so far, and a time plan for the remaining of the semester.

Project paper:
The project paper should be 10-12 pages long. It needs to include a description of the problem, motivation, literature search, the results and analysis -- this should be a complete research paper!

Project presentation:
The project presentation should be at most 15 minutes long. It should contain a description of the problem that you're solving, the motiviation, the results and analysis, and related work. The talk should be clear, emphasize on the important results, and demonstrate the contribution by comparing with related work.

Requirements for Midterm Question Submission:

Each student should submit two proposed midterm questions by Oct 16 before class. Each student should submit the two questions in one email to 18839-f03-project@lists.andrew.cmu.edu before class, and submit a paper copy in class. Each student should provide answers to at least one proposed midterm questions. The proposed questions should be related to the material covered in class so far. Students are not allowed to exchange information on the proposed questions. The proposed midterm questions will be graded as part of the class participation effort. If a student's question is used partially or fully in the real midterm, the student gets an extra 10 points for the class grade.

Resources:

Information about the class will be available at http://www.ece.cmu.edu/~dawnsong/teaching/f03. Course information, announcements, and reading assignments will be posted to this site. We will also be using the CMU Blackboard site for this course. To access the site, go to http://www.cmu.edu/blackboard and log in. If you are enrolled in the course, it will appear under my courses.

If you have a question about the course, including course logistics or material we have covered, please post it to the Discussion Board. It's on the course blackboard site, under Communications. You may also send mail to 18839-f03-general@lists.andew.cmu.edu.

Grading:

45%	Final Project	Students will complete a research project related to the topics covered in this class. Students are encouraged to work in groups of 2 or 3.
15%	Class Participation	This portion is for participation in class discussions.
10%	Paper Summaries	Students must write a short summary for every paper assigned to the class. Summaries will be chosen randomly to be graded.
20%	Midterm	There will be a midterm exam.
10%	Discussion leader effort	Each student will be a discussion leader for one class.