Course Details
Course | CSC-405 Computer Security |
Meeting Location | 1103 James Hunt Library |
Meeting Times | Tu/Th 8:30AM - 9:45AM |
Credits | 3 |
Instructors | Alexandros Kapravelos, Adam Gaweda |
akaprav at ncsu.edu | |
Office Hours | By appointment |
Course Resources
You can find the class schedule and all slides from the lectures here.
We will use Piazza for our communication.
The recorded lectures will be available here.
Course Corequisites
The course has the following co-requisites:
CSC236 - Computer Organization and Assembly Language for Computer Scientists
CSC246 - Concepts and Facilities of Operating Systems for Computer Scientists
Informal: You need to understand (1) IP networks, (2) modern operating systems (e.g., Windows, Linux), (3) basics of systems theory and implementation (e.g., file systems, distributed systems, networking, operating systems, etc.). If you do not have a basic understanding of these areas, you will have difficulty with the course. If you have questions regarding these prerequisites, please contact the instructor.
Overview
In this class, we explore several aspects of computer security with the goal of understanding the attacker’s mindset. The class will help students to develop a foundation and a well-rounded view of software and web vulnerabilities. We will cover some of the fundamental attack/defense techniques and ongoing research activities in a number of topics in software and web security.
Textbooks and Reading Material
This course has no formal textbook. The course readings will come from online book chapters, seminal papers, and other informative sources.
Here are some useful online books that provide additional information:
- The Shellcoder’s Handbook: Discovering and Exploiting Security Holes
- Hacking, The Art of Exploitation
- The Tangled Web A Guide to Securing Modern Web Applications
Student Learning Outcomes
By the end of this course, students will be able to:
- Understand in depth software and web vulnerabilities
- Craft attacks against known software and web vulnerabilities in a contained environment
- Understand what defense mechanisms exist against software and web attacks, how they work and why some of them fail against the most advanced attack techniques
- Design systems and software with security in mind
Course Structure and Grading
The course will consist of several homework assignments that contribute to the final grade in the following proportions:
100% | Homework Assignments |
The final letter grade will be based on the final percentage as follows:
A+ <= 97% < A <= 93% < A- <= 90% < B+ <= 87% < B <= 83% < B- <= 80% < C+ <= 77% < C <= 73% < C- <= 70% < D+ <= 67% < D <= 63% < D- <= 60% < F
REG 02.50.03 (Grades and Grade Point Average) describes the grade point interpretation of letter grades.
Homework Assignments
The instructor will assign homework assignments on a periodic basis for topics associated with the class assignments. These assignments require the students to write, program, or perform other basic research. The content and due dates of these assignments will be decided over the course of the semester and will be announced on Piazza.
Course Schedule
See the course schedule. Note that the schedule is subject to change as the semester evolves.
Late Policy
No late assignments will be accepted. Students with legitimate reasons who contact the professor before the deadline may apply for an extension.
Attendance Policy
All lectures will be recorded and available online for this class. See also Health and Participation in Class.
Academic Integrity Policy
The university, college, and department policies against academic dishonesty will be strictly enforced. You may obtain copies of the NCSU Code of Student Conduct from the Office of Student Conduct, or from the following URL.
The instructor expects honesty in the completion of tests and assignments. The instructor has a zero tolerance policy for violations of academic integrity. The instructor carefully monitors for instances of offenses such as plagiarism and illegal collaboration, so it is very important that students use their best possible judgement in meeting this policy. On the discovery of an offense the instructor will assign the ‘F’ grade and refer the student to the appropriate University bodies for possible further action. It is the understanding and expectation of instructor that the student’s signature on any test or assignment means that the student neither gave nor received unauthorized aid.
Note that students are explicitly forbidden to copy anything off the Internet (e.g., source code, text) for the purposes of completing an assignment or the final project. Also, students are forbidden from discussing or collaborating on any assignment except were explicitly allowed in writing by the instructor.
Ethics Statement
This course considers topics involving personal and public privacy and security. As part of this investigation we will cover technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class.
When in doubt, please contact the course professor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from the instructor.
Health and Participation in Class
We are most concerned about your health and the health of your classmates and instructors/TAs.
-
If you test positive for COVID-19, or are told by a healthcare provider that you are presumed positive for the virus, you should not attend any face-to-face (F2F) classes or face-to-face component of a hybrid class. Work with your instructor on any adjustments necessary; also follow other university guidelines, including self reporting (Coronavirus Self Reporting): Self-reporting is not only to help provide support to you, but also to assist in contact tracing for containing the spread of the virus.
-
If you feel unwell, even if you have not been knowingly exposed to COVID-19, please do not come to a F2F class or activity.
-
If you are in quarantine, have been notified that you may have been exposed to COVID-19, or have a personal or family situation related to COVID-19 that prevents you from attending this course in person (or synchronously), please connect with your instructor to make alternative plans, as necessary.
-
If you need to make a request for an academic consideration related to COVID-19, such as a discussion about possible options for remote learning, please talk with your instructor.
Health and Well-Being Resources
These are difficult times, and academic and personal stress are natural results. Everyone is encouraged to take care of themselves and their peers. If you need additional support, there are many resources on campus to help you:
-
Counseling Center (NCSU Counseling Center)
-
Student Health Services (Health Services | Student)
-
If the personal behavior of a classmate concerns or worries you, either for the classmate’s well-being or yours, we encourage you to report this behavior to the NC State CARES team: (Share a Concern).
-
If you or someone you know are experiencing food, housing or financial insecurity, please see the Pack Essentials Program (Pack Essentials).
Community Standards related to COVID-19
We are all responsible for protecting ourselves and our community. Please see the community standards and Rule 04.21.01 regarding Personal Safety Requirements Related to COVID-19 RUL 04.21.01 – Personal Safety Requirements Related to COVID-19 – Policies, Regulations & Rules
Course Expectations Related to COVID-19
-
Face Coverings: All members of the NC State academic community are expected to follow all university policies and guidelines, including the Personal Safety Rule and community standards, for the use of face coverings.
-
Course Attendance: NC State attendance policies can be found at: REG 02.20.03 – Attendance Regulations – Policies, Regulations & Rules. Please refer to the course’s attendance, absence, and deadline policies for additional details. If you are quarantined or otherwise need to miss class because you have been advised that you may have been exposed to COVID-19, you should not be penalized regarding attendance or class participation. However, you will be expected to develop a plan to keep up with your coursework during any such absences. If you become ill with COVID-19, you should follow the steps outlined in the health and participation section above.
-
Technology Requirements: This course may require particular technologies to complete coursework. Be sure to review the syllabus for these expectations, and see the syllabus technical requirements for your course. If you need access to additional technological support, please contact the Libraries’ Technology Lending Service: (Technology Lending).
Course Delivery Changes Related to COVID-19
Please be aware that the situation regarding COVID-19 is frequently changing, and the delivery mode of this course could change accordingly, including from in-person to remote. Regardless of the delivery method, we will strive to provide a high-quality learning experience.
N.C. State University Polices, Regulations, and Rules (PRR)
Students are responsible for reviewing the PRRs which pertain to their course rights and responsibilities. These include: Equal Opportunity and Non-Discrimination Policy Statement, Office for Institutional Equity and Diversity, Code of Student Conduct, and Grades and Grade Point Average.
Statement for students with disabilities
Reasonable accommodations will be made for students with verifiable disabilities. In order to take advantage of available accommodations, students must register with Disability Services for Students at 1900 Student Health Center, Campus Box 7509, 919-515-7653. For more information on NC State’s policy on working with students with disabilities, please see the Academic Accommodations for Students with Disabilities Regulation (REG 02.20.01).
Statement on Identity
I make an effort to treat all of my students with respect, and an important part of that is correctly addressing students with correct names and pronouns. If you would like to be called by a different name or pronoun other than what is in the directory, let me know (in person or email). Also, if I mispronounce your name, please let me know – it is not intentional!
Statement on transportation
Students have to provide their own transportation for any and all class related trips.
Statement on safety and risk assumption
This course does not require activities that pose physical risk to students.
Course Evaluation
Online class evaluations will be available for students to complete during the last two weeks of class. Students will receive an email message directing them to a website where they can login using their Unity ID and complete evaluations. All evaluations are confidential; instructors will never know how any one student responded to any question, and students will never know the ratings for any particular instructors.
Resources | |
---|---|
Evaluation website: | https://go.ncsu.edu/cesurvey |
Student help desk: | [email protected] |
Info about ClassEval: | https://oirp.ncsu.edu/surveys/classeval/for-students/how-classeval-works/ |