CSCE 465: Computer and Network Security

Spring 2018


Instructor:        Dr. Guofei Gu (guofei AT cse.tamu.edu)

Lectures:         MWF 11:30 am - 12:20 pm, ETB 2005

Office Hour:    3-5pm Wednesday or by appointment, HRBB 502C

TA:                   Abner Mendoza (csce465  AT  gmail.com)

TA' s Office Hour: 2-3 pm Tuesday and 11am-noon Thursday; or by appointment, HRBB 502A


Course Description

Contents: Fundamental concepts and principles of computer security, operating system and network security, firewalls and intrusion detection systems, secret key and public key cryptographic algorithms, hash functions, authentication, SSL and Web security. 

The objective of this course is to provide students with a general understanding of fundamental concepts and principles of computer and network security. In support of this, the course will prepare students to do basic system-, network-, and application-level programming/labs related to security purpose.

Prerequisites: CSCE 313; Junior or Senior standing; or approval of instructor. 

Required textbooks: 

Reference textbooks:

Grading

Grading:     Assignments 50%, Test 1 20%, Final Exam 25%, Course participation 5%. (There will be bonus points in some assignments)
Assignments:     Five homework assignments, each including paper-and-pencil questions and/or programming/lab problems. These are individual assignments, no teams.
Grade scale:     90-100 = A. 80-89 = B. 70-79 = C. 60-69 = D. Below 60 = F

Honors Project: If you are in CSCE 465 honors section, you have to take this option. If you are in normal sections, it is optional. You can choose to form a team (up to 3 members) to do an honors project, in which you design/implement/evaluate some useful and new attack/defense/system/tool/service/user study, etc. If you take this option, you do not need to do the fifth homework and do not need to take the final exam! There will be also bonus points for excellent project. Talk to me asap if you want to take the option.

All assignments will be distributed and submitted through classroom.google.com. Please submit your assignment (e.g., program/report) in a single zip or tar ball. Please double check your submission to make sure it is complete and correct. All late submissions will automatically lose 20% points per delayed day. After grades distributed/returned, there is 1 week time limit to notify the instructor of any questions or concerns in the grading.

Cheat sheet for exam: You are allowed to bring 1 single-sided A4/Letter size paper with hand-written notes.

In many homework assignments, we will use security labs developed by Prof. Wenliang Du at Syracuse University through SEED project. Credits go to Prof. Du!

Ethics & Academic Integrity Statement and Policy

We will study/discuss threats and attacks in the class/lab. You should be fully aware of ethics when studying these techniques. If in any context you are not sure about where to draw the line, come talk to me first.

"An Aggie does not lie, cheat, or steal or tolerate those who do." For additional information, please visit: http://aggiehonor.tamu.edu.  

Upon accepting admission to Texas A&M University, a student immediately assumes a commitment to uphold the Honor Code, to accept responsibility for learning, and to follow the philosophy and rules of the Honor System. Students will be required to state their commitment on examinations, research papers, and other academic work. Ignorance of the rules does not exclude any member of the TAMU community from the requirements or the processes of the Honor System.

Americans with Disabilities Act (ADA) Policy Statement

The Americans with Disabilities Act (ADA) is a federal anti-discrimination statute that provides comprehensive civil rights protection for persons with disabilities. Among other things, this legislation requires that all students with disabilities be guaranteed a learning environment that provides for reasonable accommodation of their disabilities. If you believe you have a disability requiring an accommodation, please contact Disability Services, in Cain Hall, Room B118, or call 845-1637. For additional information visit http://disability.tamu.edu.

Schedule (tentative)

This tentative schedule will be updated as the course progresses. Please check back for most recent update!

Week Topic Reading Assignment
Week 1 Course logistics and topics
   
An overview of computer security
[Bishop] Chapter 1 
Week 2 An overview of computer security (cont.)
Lab basics
[Bishop] Chapter 2, 3 Homework 1 out
Program security I: buffer overflow attack & defense  [Bishop] Chapter 26, notes   
Week 3 Program security II: buffer overflow attack & defense (cont.) [Bishop] Chapter 26  
Malware I [Bishop] Chapter 19  
Week 4 Malware II
[Bishop] Chapter 19 Homework 2 out
Malware III
[Bishop] Chapter 19
Week 5 Introduction to basic cryptography
[KPS] Chapter 2   
Secret key cryptography I: DES, AES
[KPS] Chapter 3  
Week 6 Secret key cryptography II: Modes of operation
[KPS] Chapter 4 Homework 3 out
Secret key cryptography II, review
 
Week 7 Security theory I: Access control matrix, Fundamental results
[Bishop] Chapter 2, 3   
Test 1 (Friday, March 2)
 
 
Week 8 Security theory II: policies, models  [Bishop] Chapter 4-7    
Vulnerability analysis I  [Bishop] Chapter 20    
Week 9 Spring Break, no class
    
Week 10 Vulnerability analysis II  [Bishop] Chapter 20 Homework 4 out 
Firewalls
[Bishop] Chapter 23, [KPS] Chapter 23
Week 11 Intrusion detection systems (IDS)
[Bishop] Chapter 22  
Hashes and message digests
[KPS] Chapter 5  
Week 12 Hashes and message digests  [KPS] Chapter 5  
Public key cryptography
[KPS] Chapter 6  
Week 13 Public key cryptography [KPS] Chapter 6 Homework 5 out
Authentication I
[KPS] Chapter 9,10,12
Week 14 Authentication II [KPS] Chapter 11  
SSL/TLS
[KPS] Chapter 19  
Week 15 Basic web security
[KPS] Chapter 25
 
Honors project presentation

 
Week 16+
Project presentation and final exam
 
 



Acknowledgment

The course materials have incorporated those developed by Dr. Wenke Lee (Georgia Tech), Dr. Wenliang Du (Syracuse), Dr. Nick Feamster (Georgia Tech), Dr. Peng Ning (NCSU), Dr. Vitaly Shmatikov (UT Austin), and Dr. Matt Bishop (UC Davis). The copyright of these materials belongs to them.