Course Details
| Course | CSC-405-001 Computer Security |
| Meeting Location | 1231 EB2 |
| Meeting Times | Mo/We 8:30AM - 9:45AM |
| Credits | 3 |
| Instructors | Alexandros Kapravelos |
| akaprav at ncsu.edu | |
| Office Hours | By appointment |
| TA | Md Atiqur Rahman |
| TA office hours | Thursdays 11:00 AM - 2:00 PM in EB2 2240 |
Course Resources
You can find the class schedule and all slides from the lectures here.
We will use Piazza for our communication.
The recorded lectures will be available here.
Course Prerequisites/Corequisites
The course has the following recommended corequisites:
CSC236 - Computer Organization and Assembly Language for Computer Scientists
CSC246 - Concepts and Facilities of Operating Systems for Computer Scientists
Informal: You need to understand (1) IP networks, (2) modern operating systems (e.g., Linux), (3) basics of systems theory and implementation (e.g., file systems, distributed systems, networking, operating systems, etc.). If you do not have a basic understanding of these areas, you will have difficulty with the course. If you have questions regarding these prerequisites, please contact the instructor.
Course Overview
In this class, we explore several aspects of computer security with the goal of understanding the attacker’s mindset. The class will help students to develop a foundation and a well-rounded view of software and web vulnerabilities. We will cover some of the fundamental attack/defense techniques and ongoing research activities in a number of topics in software and web security.
Textbooks and Reading Material
This course has no formal textbook. The course readings will come from online book chapters, seminal papers, and other informative sources.
Here are some useful online books that provide additional information:
- The Shellcoder’s Handbook: Discovering and Exploiting Security Holes
- Hacking, The Art of Exploitation
- The Tangled Web A Guide to Securing Modern Web Applications
Student Learning Outcomes
By the end of this course, students will be able to:
- Understand in depth software and web vulnerabilities
- Craft attacks against known software and web vulnerabilities in a contained environment
- Understand what defense mechanisms exist against software and web attacks, how they work and why some of them fail against the most advanced attack techniques
- Design systems and software with security in mind
Course Structure and Grading
The course will consist of several homework assignments that contribute to the final grade in the following proportions:
| 75% | Homework Assignments |
| 25% | HackPack CTF challenges |
The final letter grade will be based on the final percentage as follows:
A+ <= 97% < A <= 93% < A- <= 90% < B+ <= 87% < B <= 83% < B- <= 80% < C+ <= 77% < C <= 73% < C- <= 70% < D+ <= 67% < D <= 63% < D- <= 60% < F
REG 02.50.03 (Grades and Grade Point Average) describes the grade point interpretation of letter grades.
Homework Assignments
The instructor will assign homework assignments on a periodic basis for topics associated with the class assignments. These assignments require the students to write, program, or perform other basic research. The content and due dates of these assignments will be decided over the course of the semester and will be announced on Piazza.
Course Schedule
See the course schedule. Note that the schedule is subject to change as the semester evolves.
Late Policy
No late assignments will be accepted. Students with legitimate reasons who contact the professor before the deadline may apply for an extension.
Attendance Policy
All lectures will be recorded and available online for this class. Students are expected to attend all lectures.
Academic Integrity Policy
The university, college, and department policies against academic dishonesty will be strictly enforced. You may obtain copies of the NCSU Code of Student Conduct from the Office of Student Conduct, or from the following URL.
The instructor expects honesty in the completion of tests and assignments. The instructor has a zero tolerance policy for violations of academic integrity. The instructor carefully monitors for instances of offenses such as plagiarism and illegal collaboration, so it is very important that students use their best possible judgement in meeting this policy. On the discovery of an offense the instructor will assign the ‘F’ grade and refer the student to the appropriate University bodies for possible further action. It is the understanding and expectation of instructor that the student’s signature on any test or assignment means that the student neither gave nor received unauthorized aid.
Note that students are explicitly forbidden to copy anything off the Internet (e.g., source code, text) for the purposes of completing an assignment or the final project. Also, students are forbidden from discussing or collaborating on any assignment except were explicitly allowed in writing by the instructor.
Ethics Statement
This course considers topics involving personal and public privacy and security. As part of this investigation we will cover technologies whose abuse may infringe on the rights of others. As an instructor, I rely on the ethical use of these technologies. Unethical use may include circumvention of existing security or privacy measurements for any purpose, or the dissemination, promotion, or exploitation of vulnerabilities of these services. Exceptions to these guidelines may occur in the process of reporting vulnerabilities through public and authoritative channels. Any activity outside the letter or spirit of these guidelines will be reported to the proper authorities and may result in dismissal from the class.
When in doubt, please contact the course professor for advice. Do not undertake any action which could be perceived as technology misuse anywhere and/or under any circumstances unless you have received explicit permission from the instructor.
University Policies
Academic Integrity and Honesty
Students are required to comply with the university policy on academic integrity found in the Code of Student Conduct. Therefore, students are required to uphold the university pledge of honor and exercise honesty in completing any assignment.
Please refer to the Academic Integrity web page for a detailed explanation of the University’s policies on academic integrity and some of the common understandings related to those policies.
Students may be required to disclose personally identifiable information to other students in the course, via electronic tools like email or web-postings, where relevant to the course. Examples include online discussions of class topics and posting of student coursework. All students are expected to respect the privacy of each other by not sharing or using such information outside the course.
Students are responsible for reviewing the NC State University PRR’s which pertains to their course rights and responsibilities:
- Equal Opportunity and Non-Discrimination Policy Statement and additional references
- Code of Student Conduct
- Grades and Grade Point Average
- Credit-Only Courses
- Audits
Students with Disabilities
Reasonable accommodations will be made for students with verifiable disabilities. In order to take advantage of available accommodations, students must register with the Disability Resource Office at Holmes Hall, Suite 304,Campus Box 7509, 919-515-7653 . For more information on NC State’s policy on working with students with disabilities, please see the Academic Accommodations for Students with Disabilities Regulation (REG02.20.01)
Trans-Inclusive Statement
In an effort to affirm and respect the identities of transgender students in the classroom and beyond, please contact me if you wish to be referred to using a name and/or pronouns other than what is listed in the student directory.
Basic Needs Security
Any student who faces challenges securing their food or housing or has other severe adverse experiences and believes this may affect their performance in the course is encouraged to notify the professor if you are comfortable in doing so. Alternatively, you can contact the Division of Academic and Student Affairs to learn more about the Pack Essentials program https://dasa.ncsu.edu/pack-essentials/
Course Evaluation
ClassEval is the end-of-semester survey for students to evaluate the instruction of all university classes. The current survey is administered online and includes 12 closed-ended questions and 3 open-ended questions. Deans, department heads, and instructors may add a limited number of their own questions to these 15 common-core questions. Each semester students’ responses are compiled into a ClassEval report for every instructor and class. Instructors use the evaluations to improve instruction and include them in their promotion and tenure dossiers, while department heads use them in annual reviews. The reports are included in instructors’ personnel files and are considered confidential. Online class evaluations will be available for students to complete during the last two weeks of the semester for full-semester courses and the last week of shorter sessions. Students will receive an email directing them to a website to complete class evaluations. These become unavailable at 8 am on the first day of finals.
- Contact ClassEval Help Desk: [email protected]
- ClassEval website
- More information about ClassEval
Syllabus Modification Statement
Our syllabus represents a flexible agreement. It outlines the topics we will cover and the order we will cover them in. Dates for assignments represent the earliest possible time they would be due. The pace of the class depends on student mastery and interests. Thus minor changes in the syllabus can occur if we need to slow down or speed up the pace of instruction.