Computer and Network Security

CS475

Spring 2015

TR 2:00pm - 3:20pm


Instructor

Dr. Rachel Greenstadt
Department of Computer Science
Drexel University
Office: University Crossings 140
Tel: 1 215 895 2920
Email: greenie AT cs drexel edu
Office Hours: Wed 3:00-4:00 or by appt

Teaching Assistant

Aylin Caliskan-Islam
Office: University Crossings 144
Email: ac993 at drexel edu
Office Hours: Tues 3:30-4:30 (UC 147)

Rebekah Overdorf
Office: University Crossings 144
Email: rjo43 at drexel edu
Office Hours: Tues 1:00 - 2:00 (UC 147)

Course Overview

This course provides a broad introduction to a variety of topics in applied computer and network security. These include software vulnerabilities, applied cryptography, network security, privacy, anonymity, usability, and security economics.

Prerequisites

  • CS 472
  • A serious interest in computer and network security.
  • Basic competency in computer science including computer architecture and socket programming, and basic competency in mathematics.

Textbook

The textbook for the course is Security Engineering by Ross Anderson.

Coursework and Grading

Grading will consist of two exams, three projects, online and in-class participation (including online discussion), and some written homework assignments. Projects may be done in groups of two or three people. The exams will be written, in class, and cover topics from the textbook, lectures, and supplemental readings. This class will follow the departmental academic integrity policy.

Below is the grading breakdown:

  • Midterm: 15%
  • Final: 20%
  • Projects: (2x15) 30%
  • Final Project/Security Review: 20%
  • Other homeworks, Class participation: 15%

The class participation grade will be determined by active participation in class discussions and exercises. You have two late days to use on the project. After this, late assignments will be dropped 20% per day.

Assignments

  • Security Review, Due April 9 before class. This is an individual assignment. Turn in on BBLearn. Instructions here. No late days can be used for this project.
  • Project 1: Software Vulnerabities due April 30, done in groups of up to 3. Project 1 instructions, cs475-appsec.ova, cs475-targets.tar.gz
  • Project 2: Cryptography due May 19, done in groups of up to 3. ciphertexts.tar.gz, instructions in the README.
  • Project 3: *Thorough* Security Review due June 4, done in groups of up to 3. Proposals due May 12. Proposals should include the name of the system you are planning to analyze, a link to the system, and a list of methods you plan to use to analyze the system. Final Project instructions.

Schedule

Note: This schedule is tentative and can change. In particular, look for readings to be added.

March 31 : Intro and Security Reviews

April 2 : Security Review Exercise

April 7: No-Tech Hacking, Usability, and Psychology

April 9 : More Security Reviews

April 14 : Software Security: Attacks

April 16 : Software Security: Attack Exercises

April 21 : Software Security: Defenses I

April 23: Software Security: Defenses II

April 28: Symmetric Cryptography

April 30 : Midterm Review

  • Project 1 due
  • Project 2 out

May 5: Midterm

May 7: Asymmetric Cryptography

May 12: Authentication

May 14 : Hashing/Cryptography Exercises

May 19: Network Security I

May 21 : Network Security II / More Security Reviews

May 28 : Cryptocurrencies

May 28 : Privacy

June 2 : Privacy, Part 2 and Review

June 4: Project 3 due

Finals Week:

2013 Slides