Syllabus for CSE 4392-001: Information Security I, Fall 2008

Information Security, Fall 2008

TOPICS

0. Preliminaries

  • 0.0 -- 08/25: Introduction
  • 0.1 -- 08/27: Security Basics (Instructor: Jun-Won Ho)
  • 0.2 -- 09/01: Ethics

1. Software Security

  • 1.0 -- 09/03: Stack Overflows
  • 1.1 -- 09/08: Heap Overflows
  • 1.2 -- 09/10: Overflow Defenses
  • 1.2 -- 09/15: Malware
  • 1.2 -- 09/17: Malware Defenses

2. Cryptography

  • 2.0 -- 09/22: Symmetric Crypto
  • 2.1 -- 09/24: Public Key Crypto
  • 2.2 -- 09/29: Authentication

3. System Security

  • 3.0 -- 10/01: User Authentication
  • 3.1 -- 10/06: Access Control
  • 3.2 -- 10/08: DB Security
  • 3.3 -- 10/13: Trusted Computing
  • 3.4 -- 10/15: Securing Linux and Windows

10/20 Midterm

4. Network Security

  • 4.0 -- 10/22: Firewalls
  • 4.1 -- 10/27: Intrusion Detection
  • 4.2 -- 10/29: Hacker Strategies
  • 4.3 -- 11/03: Botnets and Denial of Service
  • 4.4 -- 11/05: Internet Security
  • 4.5 -- 11/10: Web Attacks

5. Administration

  • 5.0 -- 11/12: Physical Security
  • 5.1 -- 11/17: Human Factors
  • 5.2 -- 11/19: Auditing
  • 5.3 -- 11/24: TEMPEST and COMSEC
  • 5.4 -- 11/26: Wireless Security

Finishing Up

  • 12/01: TBD
  • 12/03: TBD

GRADING

Your grade will be composed of:

  • 10% Assignments (2)
  • 40% Lab Work (6-8 labs)
  • 10% Online Participation
  • 20% Midterm
  • 20% Final Project

RULES AND OTHER INFO

Grading

Grading will be on a curve. I will do my best to let you know where you stand as we go through the course, but no guarantees.

Late Policy

I will accept one late assignment or lab write-up per student, up to one week late. All online participation must be on time.

Programming

There will be some programming in this class for which you must use Java or C++. Document and comment your code well.

Working Together

On assignments, you are allowed to work together under the following guidelines:
  • Write the answers up by yourself.
  • Don't give out final answers (e.g. numerical answers or decrpytions).

Tests

Tests will be timed, closed notes, closed book, and closed neighbor. If you have problems with time pressure or memorization, you are welcome to come in for additional assistance prior to the tests -- I will make extra time for you for both the material and test taking techniques.

Cheating

If you cheat on an assignment or test, you get 0 points for that assignment or test AND you lose an addition -200% in your grade. For example, if, by the end of the class, you have 100% on everything but you cheated on a midterm worth 10% of your overall grade, you will get a 70% in the class. This includes both the "looker" and the "lookee." Also, cheaters will not be allowed to do final projects for credit. There will be additional penalties from the department or the university.

If you must do well in the class, then you had better master the material by doing the assignments and studying for the tests. Failing to understand the principles and practices of security in the real world can lead to consequences far more serious than getting a bad grade.