CSC 479/579 Computer and Network Security
Theory and methods for developing and maintaining secure systems and applications. Topics include secure infrastructures, intrusion prevention and detection, viruses and anti-virus software, software security, aunthentication, cryptography, and legal and ethical issues.
My office is in Carnegie Hall 311 B. You can stop by in person, or call my office at 630-637-5174. If I am not at the office and you need immediate attention, you can call me at home at 630-759-2110. You can email me at firstname.lastname@example.org. Spring term office hours are Tuesdays and Thursdays at 3:50pm-- 6:20 pm.
Course Textbook and Schedule of Topics
The class text is Michael Goodrich and Roberto Tamassia, Introduction to Computer Security , Addison Wesley, 2011
Schedule of topics will be as follows:
|Week 1||Introduction (Chapter 1), Security Models and Practice (Chapter 9)|
|Weeks 2 and 3||Cryptography (Chapter 8)|
|Weeks 4 and 5||Network Security (Chapters 5 and 6)|
|Week 6||Operating System Security (Chapter 3)|
|Weeks 7 and 8||Web Application Security (Chapter 7)|
|Week 10||Database Security and Graduate Presentations|
There will be a number of homework/ lab assignments given, no less than 5 and no more than 10. Homework will account for 45% of course grade.
In addition to the homeworks, there will be an in-class test in Weeks 3, 5, and 8, and a final examination in week 11. Some of the tests may include a programming portion to be done on the computer. Any parts of the tests done on the computer will be open book and open notes. Distribution of percentage points for the tests are 5%, 13 %, 13%, and 24% for the tests in weeks 3, 5, 8, and 11, respectively.
Graduate students will be required to research a course-related topic and make a presentation to the class during week 10. This will be weighted as 1 and 1/2 of a homework assignment.
Attendance at graduate presentations is required of all students both graduate and undergraduate: the penalty for each un-excused absence is 1 percentage point deducted from the student's course average.
Policy on Missed Quizzes
In-class tests missed without a legitimate excuse cannot be made up. If you have to miss a test (for some legitimate reason) please let me know at least a week before the test and I will make arrangements for a make up. In the event some unexpected reason beyond your control prevents you from being in class on the day of a test, contact me as soon as possible by phone or email to arrange a make up.
Policy on Late Assignments
Homework must be submitted electronically by email by midnight on the due date. Late homework is penalized at 10 %. In reality, this penalty is usually not imposed if the homework is submitted before I have completed grading homework submitted on time. Late homework will not be graded after I have completed grading the following assignment : For example, I will not grade late submissions of homework 3 if they are submitted after I am finished grading homework 2. The last assignment must be submitted on time.
Quality of Written Assignment
All work on homework will be graded for correctness first, and secondly, for quality of documentation and presentation, and efficiency. Make sure your code is readable and neatly formatted.
All work on the in-class tests must be done without any assistance from anybody, and you may not use cell phones or any electronic devices on the closed book part of the tests. On the online part of the tests, you may use lab computers, or your own laptop if you prefer. You may not email, use a cell phone, or otherwise communicate with anybody else during a test.
You may seek help from the instructor, other students, and other individuals on homeworks and labs. You may not copy other people's code, or otherwise submit as your own work code that you do not understand. The goal of seeking help is to get to the place where you can do the work yourself. If you submit any work for grading: you should be prepared to explain it to me. Submission of any work that you do not understand or cannot explain will be considered plagiarism.