CS329E: Spring, 2013
Elements of Security

Instructor: Dr. Bill Young; Unique number: 51811
Class time: MWF 1-2pm; Location: BUR 136
Office:GDC 7.810; Office Hours: MWF 10-noon and by appt.
Office Phone: 471-9782; Email: byoung at cs.utexas.edu
TA: Joyce Whang; Email: joyce at cs.utexas.edu;
TA Hours and location:Tuesday and Friday 3-5pm, GDC 4.802B
Proctor: Gerardo Gamboa; Email: ggambo_13 at utexas.edu ;
This website: www.cs.utexas.edu/users/byoung/cs329e/syllabus329e.html

---

Important Class Announcements:

Breaking news important to the class will be posted here. Consult this spot often.

Here is a review sheet for the final: Final Review

Here are the quiz answers and four quizzes: Answers, Quiz1, Quiz2, Quiz3, Quiz4.

Several of you asked for an extra credit assignment. Here's one: Extra Credit.

Here's a draft of the final vocabulary list: Final Vocab. Recall that you will be given a copy of this during the final test.

No weekly article submission is required on 5/4.

The course instructor survey for our class is now available electronically at Course survey It will be available until 5/8. Please do fill it out. I will add 2 points to the final test score for anyone who fills it out before the final test on 5/6 and sends me a screen shot of the page saying you've completed it (not the form itself).

The midterm has been graded. Find your grade on Canvas. Remember that 60 points were possible. The stats are here: Stats.. I'll have the tests on Friday for you to pick up.

At classtime on Monday of each week, you should submit (in hardcopy) a recent article related to security and a short, typed synopsis (summary) of the article, following the sample below. The writeup should contain a summary of the contents of the article, its relevance to the class, and at least two discussion questions relating to the article. Both article and writeup should be printed and stapled together with your writeup on top. Here are a sample article and synopsis: the article, the writeup. Your first article was due Monday, January 26, but we will accept this one late. Subsequent articles will not be accepted late.

This is a video that students in my other security class did as a class project: Privacy Online Video.

Important note: This class will not have a writing flag. If you must have a writing flag, this is not the class for you.

Feel free to email me (Send me an email message), but please put "CS329E" in the header. I'm teaching another class this semester and this helps me to understand the context of your question or comment.

---

UTCS Elements Program:

Regardless of their field of study, college students live in a digital information age. The Elements of Computing Program is a set of courses intended to help students understand the sophisticated technologies they use everyday as well as gain the computer skills that employers value. Elements courses are intellectually stimulating and personally rewarding, and they can supplement any undergraduate program.

Course Description:

CS329E is an introduction to topics in computer security, one of the "hottest" and most relevant areas of computing today. The student will develop an intuition about what computer security means, both in the abstract and in the context of real systems; be able to recognize potential threats to confidentiality, integrity and availability; be aware of some of the underlying formalisms and technologies that attempt to address these challenges; and be conversant with current security-related issues in the field.

Topics to be covered may include:

1. Scope of the security problem;
2. Various views of computer security;
3. Security policies;
4. Formalizing security properties;
5. Elementary information theory;
6. Elementary cryptography;
7. Cryptographic protocols;
8. Authentication;
9. Risk assessment;
10. Malicious logic;
11. System evaluation and certification.

Prerequisites:

You are expected to have one of the programming classes, but there will be little to no programming in this class. If you don't have the appropriate prerequisite, be sure to clear it with the CS department.

Required text:

Introduction to Computer Security, by Goodrich and Tamassia, 2011.

Class Notes:

Handouts of all class slides will be made available over the course of the semester via links below. Slides are available in PDF format, and can be viewed with Acroread. I've also supplied the slides as 4-up PDFs. If you plan to print them, I suggest printing the 4-ups to save paper.

Slide set 0: It's a Dangerous (Cyber) World PDF, PDF 4-ups.

Slide set 1: Introduction to Security PDF, PDF 4-ups.

Slide set 2: Policies and Channels PDF, PDF 4-ups.

Slide set 2b: Covert Channels PDF, PDF 4-ups.

Slide set 3: Integrity PDF, PDF 4-ups.

We skipped over slide set 4. We may come back to it later.

Slide set 5: Intro to Cryptography PDF, PDF 4-ups.

Slide set 6: Cryptography II PDF, PDF 4-ups.

Slide set 7: Cryptographic Protocols PDF, PDF 4-ups.

Slide set 8: PGP PDF, PDF 4-ups.

Slide set 9: Availability PDF, PDF 4-ups.

Slide set 10: Viruses PDF, PDF 4-ups.

Assignments:

There will be readings in the textbook. There will also be assignments over the course of the semester. Each student must work on assignments individually unless the assigment explictly allows collaboration.

Links to the assignments will appear below. Check this page often and be sure to check that any particular assignment or due date has not been changed.

Information will be provided on how to submit assignments. Concerns about your assignment grades should be addressed first with the TA, and only with Dr. Young if you can't obtain satisfaction there.

Assignments will be graded on a 10 point scale with 1 point deducted for each day the assignment is late (up to 2 days). After 2 days, the assignment won't be accepted. The number of days late is purely a function of the timestamp recorded when you submit the assignment.

Reading assignment: Read section 1.1 in your textbook. (due 2/2)

Reading assignment: Read sections 9.1 and 9.2 in your textbook. (due 2/9)

Weekly Assignment: Students will submit on Monday of each week a current article relating to cyber security; the article may come from newspapers, magazines, or electronic media but must be no more than two weeks old at the time of submission. Submit a hardcopy of the article along with a short (typed) synopsis of the contents, its relevance to the class, and at least two discussion questions relating to the article. Follow the format of the sample below. These should be printed and stapled together with your synopsis on top. For example, the following are a sample article and synopsis: the article, the writeup. Your first article is due Monday, January 26, and then each Monday thereafter.

Quizzes:

Short in-class quizzes may be given at any time. These will cover material covered in previous classes. The goal of quizzes is to test your understanding of the material and to give you an idea of the types of questions that will appear on exams. There will be no makeups for quizzes you miss, but any single quiz is only a small proportion of your final grade.

Tests:

There will be two major tests during the semester. The first will be (tentatively) March 11; the second will be given May 6. Both will be given during the regular class period. There will be no final exam during the regular exam time. Tests are closed-book, closed-notes tests, except that you may bring a single handwritten sheet (8 1/2 by 11 inches) of notes (both sides). Your best study strategy is to review the class notes and readings to ensure that you understand thoroughly the topics we covered in class.

No laptops:

Students are asked not to have their laptops or other electronic devices open during class. Copies of all slides will be provided. Please just listen and absorb the material.

Grading policies:

Class attendance is encouraged and will be checked on a majority of class days. Excessive unexcused absences will result in a reduced grade. If you don't plan to come to class regularly, please don't register for this class. Signing in for another student not present will be considered cheating by both students.

Grades are averaged using the weighting below:

Description	Percent
Attendance, Quizzes and Participation	10%
Assignments	30%
Midterm Test	30%
Final Test	30%

Course grades are assigned on the scale: A = 90-100; B = 80-90; etc., except that I reserve the right to be more generous than this indicates. That is, I may (and usually do) enlarge the range for any grades. I will never shrink them. I typically do not use the plus/minus grading scale.

Using Piazza:

This semester we will be using Piazza for class discussion. The system is highly catered to getting you help fast and efficiently from classmates, the TAs, and myself. Rather than emailing questions to the teaching staff, I encourage you to post your questions on Piazza. If you have any problems or feedback for the developers, email team@piazza.com. Our class page will be set up shortly and announced here.

Scholastic Dishonesty:

Academic dishonesty will not be tolerated. See www.cs.utexas.edu/users/ear/CodeOfConduct.html for an excellent summary of expectations of a student in a CS class.

No deviation from the standards of scholastic honesty or professional integrity will be tolerated. Scholastic dishonesty is a serious violation of UT policy; and will likely result in an automatic F in the course and may result in further penalties imposed by the department or by the university. Don't do it. If you are caught, you will regret it. And if you're not caught, you're still a cheater.

Some Interesting Links:

OWASP Top 10 2013
Rijndael animation
Freak Flaw Serious
Preserving Digital Data
Vulnerabilities Persist
Cyberwarriors Needed
Cyberattacks and Jobs
Great time to start a cybersecurity career
CS Enrollments Rocket
Panetta on Cyber Risk
Military Networks Not Hardened Enough
Attacks on Electric Grid
IETF and security
Detecting Counterfeit Electronics
NSA Strategy for Cyberattacks
Cyberwar on Syria?
New Vulnerability in Apple Machines
That's Just Creepy
US Cyber Target List
Cyberwar on Business
New White House Security Plan and The Plan Itself
Facebook Flaw
Iran's Leader Urges Learning Cyberwar Skills
Cyberwar Hyped?
Cyber Combat: Act of War
Snowden vs. the NSA
New in online Education
Crowd sourcing limits
Better Password Encryption
Measuring Redundancy in Encoding
An Internet Minute
Internet vs. Sex
Moshers and Emergent Behavior
Facebook making us lonely
Social media statistics
The anternet
Education about the Internet
Value of the Internet
Flaw in symmetric encryption
Digital Sound Quality
CS Hot Major
Analog and Digital
Could the Internet be Destroyed
Color Scheme
Return to top