CSC-405 Introduction to Computer Security
Course Details
| Course | CSC-405 Introduction to Computer Security, Spring 2017 |
|---|---|
| Meeting Location | 2211 College of Textiles |
| Meeting Times | Tu/Th 16:30pm-17:45pm |
| Credits | 3 |
| Instructor | Alexandros Kapravelos |
| akaprav 'at' ncsu.edu | |
| Office | 3258 EBII |
| Office Hours | By appointment |
Course Resources
You can find the class schedule and all slides from the lectures here.
We will use Piazza for our communication.
The lectures are recorded and available here.
Course Prerequisites
Informal: You need to understand (1) IP networks, (2) modern operating systems (e.g., Windows, Linux), (3) basics of systems theory and implementation (e.g., file systems, distributed systems, networking, operating systems, etc.). If you do not have a basic understanding of these areas, you will have difficulty with the course. If you have questions regarding these prerequisites, please contact the instructor.
Overview
This course provides a graduate-level introduction to computer and network security. Students successfully completing this class will be able to evaluate works in academic and commercial security, and will have rudimentary skills in security research. The course begins with a tutorial of the basic elements of exploitation and defences, and systems security, and continues by covering a number of seminal papers and monographs in a wide range of security areas.
Topics covered include network security, program safety, intrusion detection, DDoS detection and mitigation, architecture/operating systems security, security policy, web security, and other emerging topics. A detailed list of lecture by lecture contents, assignments, and due dates (subject to change as semester evolves) is available on the course schedule.
Textbooks and Reading Material
This course has no formal textbook. The course readings will come from online book chapters, seminal papers, and other informative sources.
Here are some useful online books that provide additional information:
- Ross Anderson. Security Engineering, 2nd Edition. Wiley. April 2008.
- Jaeger, T., Operating System Security. Morgan & Claypool, 2008. (PDF available for free download when on NCSU campus network: click here).
Student Learning Outcomes
By the end of this course, students will be able to:
- Understand in depth and implement the most common software attacks.
- Identify software bugs that are exploitable and fix them.
- Understand how web attacks work and demonstrate how our browsers can get compromised.
- Explain common network attacks and how to defend against them.
- Describe the methods and motivation of Internet malware, and explain existing defense mechanisms and their limitations.
- Design systems and software with security in mind.
Course Structure and Grading
The course will consist of one midterm, a final and several homework assignments that contribute the the final grade in the following propotions:
| 15% | Mid-term Exam |
| 15% | Final Exam |
| 60% | Homework Assignments |
| 10% | Class Participation |
The final letter grade will be based on the final percentage as follows:
A+ <= 97% < A <= 93% < A- <= 90% < B+ <= 87% < B <= 83% < B- <= 80% < C+ <= 77% < C <= 73% < C- <= 70% < D+ <= 67% < D <= 63% < D- <= 60% < F
REG 02.50.03 (Grades and Grade Point Average) describes the grade point interpretation of letter grades.
Homework Assignments: The instructor will assign homework assignments on a periodic basis for topics associated with the class assignments. These homeworks require the students to write, program, or perform other basic research. The content and due dates of these assignments will be decided over the course of the semester. If you cannot attend a lecture, contact other students to see if any assignments have been made and consult the syllabus.
Weekly Course Schedule
See the course schedule. Note that the schedule is subject to change as the semester evolves.
Assignment Lateness Policy
Homework deadlines will be hard. Late assignments will be accepted within 24 hours with a 25% reduction in grade. Homeworks submitted after 24 hours will have a 100% penalty. Students with legitimate reasons who contact the professor before the deadline may apply for an extension.
Attendance Policy
The instructor will not take any formal attendance for class meetings. Exam material includes anything in the readings, slides, and topics discussed in class. Students missing class should consult classmates on missed material.
The university policy on excused absences will be observed (see http://policies.ncsu.edu/regulation/reg-02-20-03). The students are responsible for discussing makeup exams if they miss exams due to excused absence. The instructor will choose a mutually agreed date and time for the makeup exam. Late submission of homework assignments due to excused absences is not subject to the policies on late assignments.
Academic Integrity Policy
The university, college, and department policies against academic dishonesty will be strictly enforced. You may obtain copies of the NCSU Code of Student Conduct from the Office of Student Conduct, or from the following URL: http://policies.ncsu.edu/policy/pol-11-35-01
The instructor expects honesty in the completion of test and assignments. The instructor has a zero tolerance policy for violations of academic integrity. The instructor carefully monitors for instances of offenses such as plagiarism and illegal collaboration, so it is very important that students use their best possible judgement in meeting this policy. The instructor will not entertain any discussion on the discovery of an offense, and will assign the 'F' grade and refer the student to the appropriate University bodies for possible further action. It is the understanding and expectation of instructor that the student's signature on any test or assignment means that the student neither gave nor received unauthorized aid. For additional information, visit http://studentconduct.ncsu.edu/
Note that students are explicitly forbidden to copy anything off the Internet (e.g., source code, text) for the purposes of completing an assignment or the final project. Also, students are forbidden from discussing or collaborating on any assignment except were explicitly allowed in writing by the instructor.
Ethics Statement
This course considers topics involving personal and public privacy and security. As part of this investigation we will cover technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class.
When in doubt, please contact the course professor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from the instructor.
Statement on transportation
Students have to provide their own transportation for any and all class related trips.
Statement on safety and risk assumption
This course does not require activities that pose physical risk to students.
Statement for students with disabilities
Reasonable accommodations will be made for students with verifiable disabilities. In order to take advantage of available accommodations, students must register with Disability Services for Students at 1900 Student Health Center, Campus Box 7509, 919-515-7653. For more information on NC State's policy on working with students with disabilities, please see the Academic Accommodations for Students with Disabilities Regulation (REG 02.20.01).
N.C. State University Polices, Regulations, and Rules (PRR)
Students are responsible for reviewing the PRRs which pertain to their course rights and responsibilities. These include: http://policies.ncsu.edu/policy/pol-04-25-05 (Equal Opportunity and Non-Discrimination Policy Statement), http://oied.ncsu.edu/oied/policies.php (Office for Institutional Equity and Diversity), http://policies.ncsu.edu/policy/pol-11-35-01 (Code of Student Conduct), and http://policies.ncsu.edu/regulation/reg-02-50-03 (Grades and Grade Point Average).