A printable PDF is also available.
CSC 481/681 – Fall 2020 – Syllabus
Instructor: Stephen R. Tate (Steve)
Lectures: Mon/Wed 3:30-4:45
Section 01A: Petty 219 on Mondays, Online on Wednesdays
Section 01B: Online on Mondays, Petty 219 on Wednesdays
Office: Petty 157
Office Hours: Mon/Wed 10:00-11:30 (or by appointment), virtual – see below
E-mail:
Note regarding in-person classes and meetings for Fall 2020: Due to the ongoing COVID-19 pandemic, in-person classes are very restricted, and office hours are online using the Zoom teleconferencing software. Students can connect during virtual office hours using the link provided in Canvas. All students are expected to be responsible regarding not only their own health, but also that of others. You may only be present in the classroom on days that you are authorized to be there. If you have any reason to believe that you might be sick, do not come to class and keep away from others until you know that you are not contagious. All classes are streamed live and are recorded for later viewing, and students will all have full access to all resources whether they are attending classes in person or participating remotely. If on-campus class sessions are canceled for any reason, including worsening general situation or instructor health, class will go on! Make sure you stay on top of your email and Canvas announcements and be prepared to be flexible and responsive to changes. More information COVID-specific class protections and policies is at the end of the syllabus.
Class Web Page: http://www.uncg.edu/cmp/faculty/srtate/481.f20/
Catalog Description: Core concepts in computer security, including the security goals of confidentiality, integrity, and availability; authentication; access control; secure software development; use of cryptography; and basic network security.
Prerequisites: Grade of C or better in CSC 261 and CSC 330, or permission of instructor.
Longer Description: This class provides an introduction to computer security concepts, techniques for protecting information and computer systems, and practice using a “security mindset.” The course includes coverage of authentication, access control models, operating system security, cryptography, network security, and software security. Topics are covered at an introductory level, with subsequent courses available for more in-depth exploration of cryptography, software security, and network security. Student work will include a mix of written (analytical) work, programming, and hands-on security exercises.
Student Learning Outcomes: Upon successful completion of this course students should be able to
Describe the basic goals of computer security;
Identify appropriate technologies related to different computer security goals;
Describe high-level properties of basic cryptographic mechanisms, including symmetric and public-key encryption, pseudorandom number generators, cryptographic hash functions, and digital signatures;
Explain secure design principles such as isolation and least privilege, and their relation to modern system tools and technologies;
Identify common vulnerabilities in software;
Describe secure software development principles and practices;
Diagram a basic networked system, identifying security-sensitive aspects and appropriate protection techniques;
(Graduate Students) Explain and critique research in computer security.
Textbook and Readings: The required textbook is
Michael T. Goodrich and Roberto Tamassia. Introduction to Computer Security, Pearson, 2011. ISBN-13 978-0-321-51294-9.
Additional readings will be assigned throughout the semester, which might include instructor-written materials, current news stories, technical articles, or research papers. All of the additional readings will either be freely available or copies will be provided for students.
Hands-on Exercises and Optional Text: Hands-on exercises will come from the Naval Postgraduate School Labtainers project, many of which are derived from SEED labs developed by Wenliang Du at Syracuse University. While these labs are very well documented online, students looking for more information can consider purchasing Prof. Du’s book:
Wenliang Du. Computer Security: A Hands-on Approach, CreateSpace Independent Publishing, 2017. ISBN-13: 978-1548367947.
Topics: The topics to be covered are shown below, where each topic is a single class meeting unless otherwise specified. For an updated week-by-week schedule, please see the class web site.
Class Overview
Overview of computer security and basic goals (Sections 1.1 and 1.4 and reading) [2 classes]
Access Control Models (Sections 1.2, 9.1, and 9.2) [2 classes]
Cryptography for information protection (Section 1.3, Sections 8.1–8.4, and handouts) [5 classes]
Physical security (Sections 2.1-2.5)
Practical Operating System and Linux Overview (readings)
Operating System Security - Basics (Sections 3.1-3.3)
Operating System Security - Advanced: sandboxes, chroot, and containers (readings)
Software security, vulnerabilities, and testing (Section 3.4 and readings) [4 classes]
Web security (Chapter 7 and readings) [2 classes]
Malware (Chapter 4)
Network security I (Chapter 5) [2 classes]
Network security II (Chapter 6) [2 classes]
Teaching Methods and Assignments: This class will meet for two 75-minute periods per week, and class meetings will consist of a combination of lecture/presentation, discussion, and in-class exercises. The meeting format will depend on the current COVID-19 pandemic situation, and if we are not all able to meet in person then lectures will be available via a live video stream and as a recorded lecture (both available in Canvas). Students are expected to be prepared and actively participate in class, having done all required readings in advance. Grades are based on student work done in assignments, exams, and a final project.
Assignments: For practice and to demonstrate abilities, students will be given approximately 5 assignments over the course of the semester (approximately every two weeks, adjusted to exclude exam weeks). Assignments can include written problems or hands-on Labtainer exercises. Labtainer exercises vary a lot in length, with shorter ones being assigned as only part of an assignment, and more complex ones being an entire assignment on their own. Hands-on exercises are best performed on a student’s own computer, but this requires a modern system with at least 8GB of RAM. Alternative arrangements can be made, and if this is necessary you should talk to the instructor as soon as possible (before the first assignment is given). All work will be submitted in Canvas. Student-written homework solutions must be PDF documents, but can be either electronically prepared or neatly handwritten and scanned. If you must use a phone camera rather than a scanner, you should use a “scan to PDF” app to produce a proper and readable PDF document. Hands-on exercise solutions will be submitted as ZIP files, which the Labtainer system creates for you. Some Labtainer exercises also require lab reports, using templates provided as part of the exercise.
Exams: There will be two mid-term exams in this class. Note that the second exam is on the final class day (Tuesday, November 24), but will be a regular (non-comprehensive) midterm exam. There is no written final exam, but instead a final project will be due at the university-scheduled final exam time. COVID-19 adds significant uncertainty to the structure and taking of these midterm exams. Ideally, these exams will be taken on campus by all students at the same time, which means that students may need to plan to come to campus on what would normally be a “remote day.” Depending on final class enrollment, we will reserve either a larger room or multiple rooms so that all students can be accommodated while maintaining required social distancing. If necessary, we will consider remote testing or an online exam, but this will only be done as a last resort.
Project: This class will have a project in lieu of a written final exam. This will involve independent exploration of practical aspects and tools related to concepts we discuss in class. A variety of project topics will be provided as suggestions, and subject to instructor approval students may define their own project that meets the basic project criteria. Students will select their project topic by October 26, and will spend a little over a month completing their project. A final project report will be due at the scheduled final exam time, which is Friday, December 4, at 3:30PM, and cannot be accepted late.
Graduate Students: Graduate students will be given a handout on security research practices and standards, and three research papers to read and critique during the first half of the semester. For the final half of the semester, graduate students will select a topic from the research literature according to their interests, locate appropriate references, and write a thorough research summary and critique. Students are allowed and encouraged to do this in conjunction with the basic semester project. For example, rather than exploring a standard tool (e.g., a fuzz tester) for the project, you can experiment with a research-level tool and survey current research literature related to that tool or technique.
Evaluation and Grading: Each student work product will be graded, and the student’s final grade will be determined by assigning each category of work a weighted score according to the distribution below, and then the final weighted average is mapped to a letter grade as shown.
For undergraduates:
| Category | |
|---|---|
| Assignments | 50% |
| Mid-term Exam 1 | 15% |
| Mid-term Exam 2 | 15% |
| Final Project | 20% |
| Letter Grade Assignment | ||||
|---|---|---|---|---|
| [87.5 , 89.5) = B+ | [77.5 , 79.5) = C+ | [67.5 , 69.5) = D+ | [0 , 59.5) = F | |
| [91.5 , ∞) = A | [81.5 , 87.5) = B | [71.5 , 77.5) = C | [61.5 , 67.5) = D | |
| [89.5 , 91.5) = A- | [79.5 , 81.5) = B- | [69.5 , 71.5) = C- | [59.5 , 61.5) = D- |
For graduate students:
| Category | |
|---|---|
| Assignments | 40% |
| Mid-term Exam 1 | 15% |
| Mid-term Exam 2 | 15% |
| Final Project (basic) | 15% |
| Research Readings/Project | 15% |
| Letter Grade Assignment | |||
|---|---|---|---|
| [87.5 , 89.5) = B+ | [77.5 , 79.5) = C+ | [0 , 71.5) = F | |
| [91.5 , ∞) = A | [81.5 , 87.5) = B | [71.5 , 77.5) = C | |
| [89.5 , 91.5) = A- | [79.5 , 81.5) = B- |
Academic Integrity: Students are expected to be familiar with and abide by the UNCG Academic Integrity Policy, which is online at http://academicintegrity.uncg.edu/
Assignments in this class are for individual work, unless explicitly stated otherwise. General concepts and material covered in the class may be discussed with other students or in study groups, but specific assigned problems should not be discussed and all submitted work should be entirely your own. If you use external references (including web sites, books, etc.) in preparing your solutions, you should clearly mark the part(s) of your solution influenced by these references and provide clear citations to the source of information you are using. Sharing your own work is a serious violation of academic integrity, and if homework is copied then both the person who actually did the work and the person who copied it will be punished. Any incidents of academic dishonesty will be handled strictly, resulting in either a zero on the assignment or an F in the class, depending on the severity of the incident, and incidents will be reported to the UNCG Office of Student Rights and Responsibilities.
Attendance Policy: Students are responsible for everything said or done in class, including material that is not in the book or readings, and information regarding assignments and due dates. That said, attendance is not required, and in-person attendance may be difficult due to COVID-19 conditions. All classes will be streamed and recorded, however, so students are expected to either attend in person, participate during the live feed, or watch the recorded class within 24 hours of the scheduled class time. Students with planned schedule conflicts, whether due to religious observances or other reasons, must inform the instructor in advance and if necessary to turn in any work early so that deadlines are met.
Late Policy and Makeup Exams: Assignments are due at 11:59PM on the due date, and may be turned in up to 7 calendar days late with a 25% late penalty. Students with planned absences, whether for university events, religious observance, or other reason, are expected to make arrangements with the instructor to turn in assignments or take exams before the scheduled date of the assignment or test. No assignment will be accepted more than 7 calendar days after the original due date! The final project report may not be submitted late.
Exam/test dates will be announced at least two weeks in advance, and may be made up only if it was missed due to an extreme emergency and arrangements are made before the exam date. Exams may not be taken early or late due to personal travel plans.
Given the COVID-19 situation, I will be flexible and accommodating within reason, but students must inform me of any complications in advance of due dates.
In-class Behavior: When you are in class (in-person or remotely) you should be focused on the class, and you should act in a professional and mature manner, avoiding behavior that is distracting to the learning environment of other students. If you are participating remotely, you should keep your microphone muted when you are not actively engaged in a class discussion. To promote a sense of community, you are asked to turn on your camera when asking or answering a question remotely.
ADA Statement: UNCG seeks to comply fully with the Americans with Disabilities Act (ADA). Students requesting accommodations based on a disability must be registered with the Office of Accessibility Resources and Services located in 215 Elliott University Center: (336) 334-5440 (or on the web at http://oars.uncg.edu).
University COVID-19 Policy: As UNCG returns to face-to-face course offerings in fall 2020, the campus community must recognize and address concerns about physical and emotional safety. As such, all students, faculty, and staff are required to uphold UNCG’s culture of care by actively engaging in behaviors that limit the spread of COVID-19. Such actions include, but are not limited to, the following:
- Wearing a face covering that covers both nose and mouth
- Observing social distance in the classroom
- Engaging in proper hand washing hygiene when possible
- Self-monitoring for symptoms of COVID-19
- Staying home if you are ill
- Complying with directions from health care providers or public health officials to quarantine or isolate if ill or exposed to someone who is ill
Instructors will have seating charts for their classes. These are important for maintaining appropriate social distance during class and facilitating contact tracing should there be a confirmed case of COVID-19. Students must sit in their assigned seat at every class meeting and must not move furniture. Students should not eat or drink during class time.
A limited number of disposable masks will be available in classrooms for students who have forgotten theirs. Face coverings will also be available for purchase in the UNCG Campus Bookstore. Students who do not follow masking and social distancing requirements will be asked to put on a face covering or leave the classroom to retrieve one and only return when they follow these basic requirements to uphold standards of safety and care for the UNCG community. Once students have a face covering, they are permitted to re-enter a class already in progress. Repeated issues may result in conduct action. The course policies regarding attendance and academics remain in effect for partial or full absence from class due to lack of adherence with face covering and social distancing requirements.
For instances where the Office of Accessibility Resources and Services (OARS) has granted accommodations regarding wearing face coverings, students should contact their instructors to develop appropriate alternatives to class participation and/or activities as needed. Instructors or the student may also contact OARS (336.334.5440) who, in consultation with Student Health Services, will review requests for accommodations.
Health and well-being impact learning and academic success. Throughout your time in the university, you may experience a range of concerns that can cause barriers to your academic success. These might include illnesses, strained relationships, anxiety, high levels of stress, alcohol or drug problems, feeling down, or loss of motivation. Student Health Services and the Counseling Center can help with these or other issues you may experience. You can learn about the free, confidential mental health services available on campus by calling 336-334-5874, visiting the website at https://shs.uncg.edu/ or visiting the Anna M. Gove Student Health Center at 107 Gray Drive. For undergraduate or graduate students in recovery from alcohol and other drug addiction, the Spartan Recovery Program (SRP) offers recovery support services. You can learn more about recovery and recovery support services by visiting https://shs.uncg.edu/srp or reaching out to recovery@uncg.edu
COVID-19 Spartan Shield Video: UNCG Chancellor Frank Gilliam has challenged us to create a Culture of Care at UNCG where we all wear face coverings and social distance, less to protect ourselves but rather more to protect everyone around us. It shows that you care about the well being of everyone around you. We have created this video featuring your student body presidents to better explain how and why this is so important.
Please watch this video before the first day of classes: https://youtu.be/Mb58551qxEk