The objectives of this course are to investigate advanced topics in security including
PGP, and PK encryption
IPSec,
VPNs,
SSL.
Steganography and Steganalysis
watermarking
Biometrics
Advanced Intrusion Detection
Security system Evaluation
The course structure will be based on papers with a term-long project.
Secondary objectives include:
Give students an understanding of what it means to do research in
computer science and specifically security systems
Teach students to effectively select, read and critically evaluate
research papers
Experience in presenting advanced material to/for others
Tackle some challenging projects in which we extend the state of the art.
Outcomes
Students will learn to read and critique research papers
Students will summarize and lead a discussion of research papers
Students will be familiar with advanced topics in security
Students will know where to look for (and hopefully where to publish security papers)
Students will have hands on experience and make contributions a topic in advanced security
Papers
I expect to discuss 3-4 "shared" papers per class period. The class reading list will be online and will
continue to expand, however not all papers will be available online.
The papers for each class will be listed in the reading-list as we get
to that week. In addition to the papers I assign for each week, you
will be expected to find a "personal" paper on your own. When you
choose your paper you should consult the class blogger and if its not
already been taken, then immediately post the reference . Only one
person may review a particular "personal" paper and its first post,
first right.
Starting in week 3 (i.e. after the first class where we really discuss
papers) you will take part in out-of-class discussion groups (which
may be fully electronic discussions). In some weeks, in addition to
the personal reviews, you are to form a "discussion" group of 3-4
students and, before class, discuss the share papers and your personal
papers. (The groups do not need to meet physically -- you may "meet"
in a chatroom if you like). Before class each group should then post
a comparative analysis of the shared papers and the personal papers of
that group. Other weeks each group members will have to prepare a
"presentation" of their paper, and the group prepare a group
comparison presentation.
A review for each paper is due 24hrs before
each class, and should be posted on the class review
page. When assigned the group reviews of the 2-4 shared papers
due by noon on Saturday.
Prerequisite
Students must be able to program in some advanced language (C++
and Java preferred). CS 145 or equivalent - Data Structures, good
programming skills. CS306 (OO programing in C++). recommend
Ability to convert vague problem descriptions (from papers) into computer algorithms.
Recommended: CS330 Software Engineering
CS592 (cryptography) recommended otherwise you should be very
comfortable with mathematics (and have had the equivalent of Math
215,Math 318 and CS 522). If you don't understand DES and/or have a
hard time following the pgpintroduction you may
not be ready yet. (You might prepare over the summer by reading a
book on cryptography).
Basic understanding of Computer/Network Security Issues (e.g. CS591 recommended but not required)
Class Participation and Grading
Class participation is a very important part of your grade. If
you are going to miss class you should contact me ahead of time via
email and probably provide a number I can call you. (I'll give my
cell phone number out in class for true emergencies, but don't want
that posted on the web). For some classes I will select (with
advance warning) 2-3 student per class to "present" the paper of their
choice from the weeks reading. But everyone is expected to to come to
class having read the papers, written your reviews and taken part in a
discussion group. You should always expect to be called upon to lead
part of the discussion in any class, critique any shared paper,
summarize your individual paper. Your group may want to prepare basic
materials so that any one of you can lead the discuss of your "groups"
comparative analysis.
There will be two grading schema, with your grade being the maximum of the two.
Grading system 1:
(Presentation/Project weighted)
Final
25%
Project
25%
Weekly reviews
20%
Class participation/Presentations
30%
Under this opinion who have an A- or better before the
final are guaranteed that the final exam cannot lower their grade (even if they get a zero).
Grading system 2:
(Exam&Project weighted)
Final
40%
Project
25%
Weekly reviews
20%
Class participation/Presentations
15%
Each week will produce one review and one Class participation grade
(F=0 thru A+=4.33), and the low and high grades will be dropped.
Class participation grade will be based on my assessment of the
students voluntary contribution, plus their response to questions I
ask them during class, with the possible grades F, C,B,B+,A-,A.
Interactions with the instructor outside of class, such as in office
hours, is also considered "class" participation. Group "report"
There will be a number of chances for extra credit which is added to your
final letter grade with 300pts extra credit = 1 letter grade. Extra credit
does not impact curving. I do not offer individuals extra credit, if I offer it, it is offered to the entire class.
Teams will be self organizing for both group reviews, presentations
and projects. Teams will be limited to groups of 3 unless I approve
otherwise. Teams should submit a group report as well as a shorter
individual report for each team member. The Individual reports should
include a breakdown (by %) of who did what and should get what
fraction of the credit.
WORKLOAD and HOMEWORK
I expect students to devote an average of 6-9 hours per week on the
work for this class. Reading papers can be highly variable depending
on your background and how much digging you do (reading references
in the paper. ) You are not expected to become an expert in the paper
but should be able to answer detailed questions. For some student the
time needed to totally finish is unbounded. For the software
assignments the average team should complete it on schedule.
If, however, the team does not work effectively the time
required could double or triple. Debugging badly understood/designed
code could can make an assignment take unlimited amounts of time (like
100's of hours).
Course Outline
Following is a list of topics expected to be covered, in anticipated order,
and with expected time to be spent on them. This list is intended to be
only indicative, the actual topics, the order and the time may vary
somewhat depending on various factors including student interests
and preparation.
Week
Lecture Topic
Other Notes
Week 1
Introduction, How to Read Papers. Discussion of what students know
about key Security issues. Initial Discussion of Class Project. Topic overviews
No personal papers/discussion groups this week
2
Network Security Overview
Group papers only, no Personal papers. 1-2 presentations
