cs458 - Spring 2007

Textbook

• Introduction to Computer Security, Matt Bishop, Addison Wesley, ISBN: 0-321-24744-2

Other books

• Security in Computing, Charles P. Pfleeger and Shari L. Pfleeger, Prentice Hall, ISBN: 0-13-035548-8
• Exploiting Software - How to Break Code, Greg Hoglund and Gary McGraw, Addison Wesley, ISBN: 0-201-78695-8
• Computer Security Fundamentals, Chuck Easttom, Prentice Hall, ISBN: 0-13-171129-6

Grading

• Homeworks: 10%
• Midterm: 20%
• Final: 25%
• Programming Assignments: 35%
• Presentation: 10%

CNS printers tend to be busy the day the assignments are due, don't let them ruin your grade!

Exams are open-book(s) open-notes.

The following grading scale will be used to determine your grade in this class:

• A: 90 - 100
• B: 80 - 89
• C: 70 - 79
• D: 60 - 69
• E: 0 - 59 This is a failing grade!

Class attendance and participation will help settle the borderline grades. Regular class attendance is important and students are expected to actively participate in class: questions and comments are always welcome.

Programming Assignments

Programming assignments are designed to improve your understanding of core concepts by implementing them. Feel free to use your favorite programming language or use this as an opportunity to learn new ones.

This semester assignments will flow along two themes:

• Theme 1: Building a Secure Shell
• Preparation for cryptography: use of a large integer library
• 200-bit prime number generation and RSA
• Encrypting network traffic
• SSH server
• Theme 2 : Building an Intrusion Detection System
  • Rule-based firewall implementation
  • Packet sniffing UDP/TCP, with message handling
  • Intrusion Detection System

Class Presentations

The purpose of this section is for students to do some independent research work and present their findings to the class.

No later than 2/8/07, each student must choose a topic for the class presentation. Your topic must be approved by your instructor.

Topics must be chosen from current issues in Information Security.

Submit your request via email to your class instructor. Topic requests will be honored on a FIFO basis. Your presentation will be scheduled based on the timing of your request, with requests coming in early being scheduled for class presentation later in the semester and later requests scheduled earlier.

A draft of the presentation is due two weeks prior to the scheduled date for the presentation. The purpose of this is to make sure you're on track with your work.

Allocate significant time to survey the IS topic you have selected. Do not wait until a few days before the presentation is due, chances are that if you do so, then you'll run out of time and will end up with a very poor mark in this section.

Presentations will be limited to 20' and will be followed by Q&A up to a total of 30'. Grading will consider both the content and the way the presentation is made to the class. Your peers will participate in the grading process and their opinion accounts for 40% of your mark.

The presentation must be very well rehearsed; failure to properly prepare for the presentation will result in an extremely poor mark on the presentation.