CSCI-4530 / CSCI-5530 Computer Security
Overview
Basic Information
If you wish, you may download a printable version of the original syllabus. However, all of that information is also on this web page and the web page will be updated as the course proceeds, whereas the printed syllabus will not.
Course Description
Fundamental introduction to the broad area of computer security. Topics will include access control, security policy design, network security, cryptography, securing systems, and common vulnerabilities in computer systems.
Prerequisites
For undergraduate students: CSCI 3500: Operating Systems or an equivalent course.
Course Outcomes
The following are a list of some expected course outcomes.
Students are able to describe detailed features of fundamental computer security concepts.
Students are familiar with network security designs which are commonly used in organizations.
Students are familiar with fundamentals of cryptography, including public and private
key cryptography.
Students are familiar with network security threats and countermeasures, including
common attacks and defensive strategies.
Students have an understanding of security within and Software-Defined Networking
(SDN), including common attacks and defensive strategies.
Students can recognize common vulnerabilities on various operating systems and can
compare and contrast various features provided on popular operating systems.
Students can use standard tools such as tcpdump, iptables, and other common applications.
Students can explain common vulnerabilities in programs, such as buffer overflows
and lack of input sanitization
Students can compare and contrast types of malicious code, including worms, Trojan
horses, and viruses.
Instructor
* Flavio Esposito
Office: ISE 234D
Email: first DOT last AT slu DOT edu
Phone: 314-977-2334
Homepage: http://www.cs.slu.edu/~esposito
Lectures
Time and Days: Tue/Thu 12:45pm - 2:00 pm
Where: ISE 230 (Campus Map)
Though attendance is not explicitly required, it is expected. Lectures are designed to be interactive and class participation is most welcome. These meetings will offer learning opportunities that cannot be recreated purely from readings.
The instructor may occasionally depart from the textbook and its flow to explain details or notions of security currently under active research (topics that haven't made it in any book yet). The instructor may not always provide backup lecture notes on such additional details. That said, for those who miss a lecture, information on the lecture topic can often be found on the course schedule web page.
If you must miss class, please contact the instruction by e-mail to inform of your absence. Notification should be provided at least one hour before class, if possible.
Office Hours
Online only and by appointment.
Preferred time: Thursday: 3:30pm 4:30pm.
Please contact the instructor via email at least 24 hours before you are planning to meet.
Course Materials and Resources
This class uses online resources, handouts and the following textbook:
Computer Security: Principles and Practice, by Stallings and Brown. The book is recommended but not required.
Computer security is a fast moving area, and I will heavily use Internet resources, so a number of successful students have opted to not purchase the text and done fine. However, if you would like an extra resource or anticipate missing any class, this book is the one that I base many of my lectures on, although I deviate heavily from it in order to pull in additional information.
Grading Criteria
There will be one midterm exam and one final exam. Both exams will be closed books and notes. Also, there will be a few written assignments, and a few programming assignments. Final grades will be approximately based on the following criteria:
Written and Lab Assignments: 45%
Written homework assignments can cover essays or questions similar to those that you
may find at the end of each chapter in a textbook. Essays will be over papers assigned
in class. In addition to written homework assignments, there will be several hands
on labs on computer security. Some (or all of them) will be done on the DETER
testbed, a remote cluster where you can reserve virtual machines to run your lab in
an isolated environment with sudo access. Each lab will be self contained, and must
be done individually. Stay tuned for more information on the DETER system as well
as on our assignments
Graduate students will have extra assignments on more advanced material.
Letter Grades
Student percentage above 93% will result in a grade of A or better.
Student percentage above 90% will result in a grade of A- or better.
Student percentage above 87% will result in a grade of B+ or better.
Student percentage above 83% will result in a grade of B or better.
Student percentage above 80% will result in a grade of B- or better.
Student percentage above 77% will result in a grade of C+ or better.
Student percentage above 73% will result in a grade of C or better.
Student percentage above 70% will result in a grade of C- or better.
Student percentage above 67% will result in a grade of D or better.
Student percentage below 67% will result in a grade of F.
Late submission policy
Assignments submitted late will have a score reduced of 20% per day for the first 2 days after the deadline. No submissions will be accepted after the second day. Upon request to the Dean of Students (http://www.slu.edu/dean-of-students-office), students shall be given up to five (5) consecutive days (not including weekends or holidays) of excused absence for bereavement.
Technology in class
Cell phones are allowed in vibration mode during class. If you have a personal emergency, feel free to step out quietly from the classroom and take the call. Cell phones are not allowed during exams. Recording audio or video (frames) during class is not recommended. Learning how to take notes effectively is useful: train for that.
Computers will be an integral part of this course, both inside and outside of class. However, out of courtesy to both the instructor and other students, please do not use the lab computers for non-class related activity. In particular, you do not need to be using a computer unless an exercise or in class activity requiring them is in progress.
Research suggests that laptops do not enhance classroom learning. For example, read this article Logged In and Zoned Out: How Laptop Internet Use Relates to Classroom Learning. By Susan M. Ravizza, Mitchell G. Uitvlugt, Kimberly M. Fenn.
Face Masks Policy
The University's Interim Policy on Face Masks governs all students, faculty, staff, and campus visitors in all University-owned, leased, or operated facilities. All persons physically present in any such University facility associated with this course shall comply fully with this policy at all times. Masks must be worn before entry to all such University facilities (as well as outdoors on all University property when six feet of distance is unpredictable or cannot be maintained).
Saint Louis University is committed to maintaining an inclusive and accessible environment. Individuals who are unable to wear a face mask due to medical reasons should contact the Office of Disability Services or Human Resources to initiate the accommodation process identified in the University's ADA Policy. Inquires or concerns may also be directed to the Office of Institutional Equity and Diversity. Notification to instructors of SLU-approved ADA accommodations should be made in writing prior to the first class session in any term (or as soon thereafter as possible).
As the instructor of this course, I shall comply fully with SLU's policy and all related ADA regulations.
Students who attempt to enter a classroom without wearing masks will be asked by the instructor to wear masks prior to entry. Students who remove their masks at any time during a class session will be asked by the instructor to resume wearing their masks.
Note: Accordingly, no consumption of any food will be allowed in class.
Students who do not comply with a request by a SLU instructor to wear a mask in accordance with the University's Interim Policy on Face Masks may be subject to disciplinary actions per the rules, regulations, and policies of Saint Louis University, including but not limited to the Student Handbook. Non-compliance with this policy may result in disciplinary action, up to and including any of the following:
dismissal from the course(s)
removal from campus housing (if applicable)
dismissal from the University
To immediately protect the health and well-being of all students, instructors, and staff, instructors reserve the right to cancel or terminate any class session at which any student fails to comply with faculty or staff request to wear a mask in accordance with University policy.
Students are strongly encouraged to identify to their instructor any student or instructor not in compliance. Non-compliance may be anonymously reported via the SLU Integrity Hotline at 1-877-525-5669 (or confidentially via the Integrity Hotline's website at http:www.lighthouse-services.com/slu.
Student Success Center
In recognition that people learn in a variety of ways and that learning is influenced by multiple factors (e.g., prior experience, study skills, learning disability), resources to support student success are available on campus. The Student Success Center assists students with academic and career related services, and is located in the Busch Student Center (Suite, 331) and the School of Nursing (Suite, 114). Students can visit www.slu.edu/success to learn more about:
Course-level support (e.g., faculty member, departmental resources, etc.) by asking your course instructor.
University-level support (e.g., tutoring services, university writing services, disability services, academic coaching, career services, and/or facets of curriculum planning).
University Writing Services Support
We encourage you to take advantage of university writing services in the Student Success Center; getting feedback benefits writers at all skill levels. Trained writing consultants can help with writing projects, multimedia projects, and oral presentations. University Writing Services offers one-on-one consultations that address everything from brainstorming and developing ideas to crafting strong sentences and documenting sources. For more information, call 314-977-3484 or visit http://bit.ly/1gAKC9H.
Disability Services Academic Accommodations
Students with a documented disability who wish to request academic accommodations must contact Disability Services to discuss accommodation requests and eligibility requirements. Once successfully registered, the student also must notify the course instructor that they wish to access accommodations in the course.
Please contact Disability Services, located within the Student Success Center, at Disability_services@slu.edu or 314.977.3484 to schedule an appointment. Confidentiality will be observed in all inquiries. Once approved, information about the student’s eligibility for academic accommodations will be shared with course instructors via email from Disability Services and viewed within Banner via the instructor’s course roster.
Note: Students who do not have a documented disability but who think they may have one are encouraged to contact to Disability Services.
Title IX
Saint Louis University and its faculty are committed to supporting our students and seeking an environment that is free of bias, discrimination, and harassment. If you have encountered any form of sexual harassment, including sexual assault, stalking, domestic or dating violence, we encourage you to report this to the University. If you speak with a faculty member about an incident that involves a Title IX matter, that faculty member must notify SLU's Title IX Coordinator and share the basic facts of your experience. This is true even if you ask the faculty member not to disclose the incident. The Title IX Coordinator will then be available to assist you in understanding all of your options and in connecting you with all possible resources on and off campus.
Anna Kratky is the Title IX Coordinator at Saint Louis University (DuBourg Hall, room 36; (anna.kratky@slu.edu; 314-977-3886). If you wish to speak with a confidential source, you may contact the counselors at the University Counseling Center at 314-977-TALK or make an anonymous report through SLU's Integrity Hotline by calling 1-877-525-5669 or online at
https://www.lighthouse-services.com/_StandardCustomURL/LHILandingPage.asp. To view SLU's policies, and for resources, please visit the following web addresses: https:www.slu.edu/here4you and https://www.slu.edu/general-counsel.
IMPORTANT UPDATE. SLU's Title IX Policy (formerly called the Sexual Misconduct Policy) has been significantly revised to adhere to a new federal law governing Title IX that was released on May 6, 2020. Please take a moment to review the new policy and information on the following web address: https:www.slu.edu/here4you. Please contact the Anna Kratky, the Title IX Coordinator, with any questions or concerns.
Academic Integrity
Academic integrity is honesty, truthful and responsible conduct in all academic endeavors. The mission of Saint Louis University is “the pursuit of truth for the greater glory of God and for the service of humanity.” Accordingly, all acts of falsehood demean and compromise the corporate endeavors of teaching, research, health care, and community service via which SLU embodies its mission. The University strives to prepare students for lives of personal and professional integrity, and therefore regards all breaches of academic integrity as matters of serious concern.
The governing University-level Academic Integrity Policy can be accessed on the Provost's Office website. A more detailed policy statement is given by the College of Arts & Science, also applying to this course.
In addition to those general statements, we wish to discuss our policy in the context of this course. When it comes to learning and understanding the general course material, you may certainly use other reference materials and you may have discussions with other students in this class or other people from outside of this class. This openness pertains to material from the text, practice problems, general syntax and use of any language or other computing tools.
However, when it comes to work that is submitted for this course, you are not to use or to search for any direct or indirect assistance from unauthorized sources, including but not limited to:
other students in this class
past students, whether from this school or other schools
other acquaintances
other texts or books
online information other than that referenced by course materials
Acceptable sources of information include consultations with the instructor, or members of organized tutoring centers on campus, as well as any materials explicitly authorized for a project description. Even in these cases, if you receive significant help you should make sure to document both the source of the help as well as the extent.
On certain assignment, the instructor may explicitly allow students to work in pairs or in groups. In this case, conversations between partners is both permissible and required. Furthermore, all students are expected to contribute significantly to the development of the submitted work. It is unethical to allow a partner to “sign on” to a submission if that partner did not significantly contribute to the work.
Any violations of these policies will be dealt with seriously. Penalties will apply as well to a student who is aiding another student. Any such violations will result in a minimum penalty of a zero on the given assignment that cannot be dropped, and severe or repeated violations will result in an immediate failing grade in the course. Furthermore all incidents will be reported in writing to the Department and/or the Dean, as per the College procedure.
|