ISE 331 – Computer Security

 

Instructor: Long Lu
Location: HARRIMAN HLL 116
Meeting Times: Mon Wed 5:30 p.m. – 6:50 p.m. (Spring 2016)
Prerequisites: Basics of computer networks and systems
Office Hours: Mon Wed 5:00 p.m. – 5:30 p.m. (Spring 2016)

 

  • Course Description

    This course covers the basic topics in computer and network security and contains the following components: basic cryptography, network security, intrusion detection, web security, and mobile security.

    Students should expect an average reading load of 1 book chapter (or equivalent) per week, two exams, hands-on homework, and a project that involves system-level programming.

    Reading Materials and Text Books

    Pre-class readings consist of papers, articles, and book chapters, whose digital copies will be provided before class. Materials provided in this course should be used for educational purposes only and not be distributed without permissions.

    The following text books are recommended, but NOT required:

    • [NS] Network Security: Private Communication in a Public World (by Charlie Kaufman et al.)
      ISBN-10: 0130460192 | ISBN-13: 978-0130460196
    • [ICS] Introduction to Computer Security (by Michael Goodrich and Roberto Tamassia)
      ISBN-10: 0321512944 | ISBN-13: 978-0321512949
    • [HAC] Handbook of Applied Cryptography (by Alfred J. Menezes et al.)
      Available for download at http://cacr.uwaterloo.ca/hac/

    Learning and Teaching

    For effective in-class learning, students must finish the required readings before coming to classes. This course is taught primarily using whiteboard with occasional uses of slides for demonstrations. Note-taking is strongly encouraged, so is active participation in discussions.

    Grading

    • Assignments, and presentations – 30%
    • Mid-term exam – 20%
    • Final exam – 20%
    • Projects – 30%

    Honor Code

    Students are required to follow the university honor code and guidelines on academic conduct at all times. Failing to do so will result in instant reports to the university.

  • Schedule (tentative)

    Students must check this schedule regularly as new materials are frequently added without separate announcements.

    Date Topic Readings & References Note
    Basic Crypto
    1/25 Course Introduction
    1/27 Symmetric-key cryptography (I) Chapter 1.1-1.5, 6.1, and 7.1-7.3 in [HAC];
    2/1 Symmetric-key cryptography (II) Chapter 3 and 4 in [NS] (optional);
    2/3 Asymmetric-key cryptography (I) Chapter 1.6-1.11 and 8.1-8.2 in [HAC];
    Chapter 2.5 and 2.6 in [NS] (optional);
    2/8 Class cancelled due to snow storm
    Network Security
    2/10 Asymmetric-key cryptography (II) Chapter 2.5 and 2.6 in [NS] (optional); HW1 Release
    2/15 Passwords and
    authentication
    Password security: A case history;
    Chapter 9 and 10 in [NS] (optional);
    2/17 TCP/IP (II) TCP/IP Security, IPSEC
    2/22 Hands-on Session
    2/24 HW1 presentation HW1 Due
    2/29 DNS DNS security issues
    3/2 SSL/TLS Issues and challengesBest practice
    Intrusion and Detection
    3/7 Botnets and malware Malware-related terms;Tracking Botnets
    3/9 Intrusion Detection Survey; Open IDS
    3/14 NO CLASS Spring Recess
    3/16 NO CLASS Spring Recess
    3/21 Hands-on: malware Bring your laptops
    3/23 Mid-term exam HW2 Release
    Web Security
    3/28 Browser security (I) Browser security: lessons from Chrome
    3/30 Browser security (II) Browser security handbook
    4/4 HW2 presentation HW2 Due
    4/6 Server-side security (I) Guest lecture by Prof. Nick Nikiforakis
    4/11 Server-side security (II)
    Mobile Security
    4/13 iOS security iOS Security Project Release
    4/18 Android security (I)
    4/20 Android security (II)
    4/25
    Wrap-up
    4/27 Project
    presentation (I)
    Project Due
    5/2 Project
    presentation (II)
    5/4 Final Exam Same time, same room