Description

Welcome to the undergraduate course on Systems Security. The course is open to computer science, advanced technology, mathematics, and engineering students. Starting for students entering in Fall 2010 or later, the course is required for all undergraduates in computer science.

As all of you probably realize, information is an important strategic and operational corporate asset. These days computers and computer networks, are increasingly being used for storing and retrieving information; consequently they need to have adequate security measures that can safeguard sensitive information from prying eyes.  In this course, we will explore some of the security measures that can be employed to safeguard systems and the information contained therein. During this course you will be learning about many different security tools and techniques some of which can also be used to circumvent or subvert network security measures.

Doing so in our production environment will be grounds for failure in the class.

Personnel

Section 001
Instructor: Dr. Joseph Gersch
Email:
Office: COMSC 464
Office Hours: T/R 1-2
Lecture: 2:00-3:15, T/R, Chem A103

Prerequisites

CS253 - Problem solving with C++

and

CS270 - Computer organization or ECE251 - Intro to Microprocessors

and

STAT 201 or STAT 204 or STAT 301 or STAT 307 or STAT 311 or STAT 315

Textbook

Computer Security (Required):

Computer Security: Principles and Practice - 4th Edition
Note: earlier editions ok, but be careful of homework assignments not matching the exact assignment numbers from the 4th edition.
William Stallings
Lawrie Brown

Lectures and Recitations

What Days Time Who Where
Lecture T/R 2:00 - 3:15pm Dr. Joseph Gersch Chem A103
Lab As required COMSC 120

Semester Schedule

This schedule is subject to change as the semester proceeds. New topics may be added or substituted.

Week Date Topics
Week 1 Jan 16,18 Class Intro, Security Overview
Week 2 Jan 23,25 Cryptographic Tools
Week 3 Jan 30, Feb 1 Authentication
Week 4 Feb 6,8 Access Control
Week 5 Feb 13,15 Network Basics, Database Security
Week 6 Feb 20,22 Malicious Software
Week 7 Feb 27, Mar 1 Denial of Service, Review for Mid-Term Exam
Week 8 Mar 6,8 MIDTERM EXAM, Review Exam Answers, Denial of Service
Week 9 Mar 13,15 No Class; spring break
Week 10 Mar 20,22 Intrusion Detection Systems
Week 11 Mar 27,29 Firewalls
Week 12 Apr 3,5 Buffer Overflow
Week 13 Apr 10,12 Software Vulnerabilities
Week 14 Apr 17,19 Internet Security Protocols
Week 15 Apr 24,26 Internet Authentication
Week 16 May 1,3 WIFI security, Review
Week 17 Tuesday, May 8, 9:40-11:40 FINAL EXAM

Grading

The course requires demonstration of a student’s grasp of the concepts on evaluations. Here is the grading scheme:

Activity Weight
Class Participation 10%
Homework Assignments / Quizzes 15%
Projects 25%
Midterm 25%
Final Exam 25%

If you believe you have been graded unfairly, talk with the your teaching assistant before meeting with the instructor.

Important Dates

Description Date
First day of classTuesday, Jan 16
Last day to add/dropWednesday, Jan 31
Midterm ExamTuesday, Mar 6
Spring Break! Saturday, March 10 through Sunday, March 18
Last day to withdraw ("W")Mar 19
Last LectureThursday May 3
Final ExamTuesday, May 8(9:40am-11:40am)

The midterm and final exam will be held in the same classroom as regular lectures. The final exam is comprehensive.

In Class Participation

All students taking this course are expected to participate actively. This includes asking and responding to questions. Students are also expected to scan the announcements on the home page and the progress page every day for updates.If an assignment changes significantly, we are responsible for sending out an email.

Each Student is expected to give an oral report and written paper on a current news topic relating to computer security. This is worth 5 points of the 10 points for student participation. "Newshound" reports will be scheduled at each lecture.

There will be a 24-hour late period for the notes that results in a 20% deduction.