CS 361: Summer II, 2012
Introduction to Computer Security

Instructor: Dr. Bill Young; Unique number: TBA
Class time: MTh 10am-11:15am; Location: TBA
Office: MAIN 2012; Office Hours: MWF 11am-noon and by appt.
Office Phone: 471-9782; Email: byoung@cs.utexas.edu
TA: TBA; Email: gayathiri@utexas.edu
TA Office Hours: TBA
This website: www.cs.utexas.edu/users/byoung/cs361/syllabus361.html



Important Class Announcements:

Breaking news important to the class will be posted here. Consult this spot often.

Important: This course has a new, blended format as of Fall, 2011. Videotaped mini-lectures will be made available on-line. These are available via UTs Quest system: Quest system. You will view these prior to coming to class and answer a series of questions on-line. The class will only meet on Mondays and Thursdays, and then only to discuss the material and assignments, and possibly a short quiz to ensure that you've viewed the lectures and done the required preparation. This is not a self-paced course. You must view the mini-lectures and do the on-line portions as they are assigned, and you must attend class on the two days per week that we meet. If you don't have the self-discipline to keep up, you shouldn't take this course, particularly not in the summer.


Some Interesting Links:

Women, minorities in Security
Cyber attacks
Flaw in AES
Govt wants hackers
Zodiac Message
One Time Pad
Cyber Camp
Hot Skills for 2011
Cyber attack threat

Course Description:

CS 361 is an introduction to topics in computer security, one of the "hottest" and most relevant areas of computing today. The student will develop an intuition about what computer security means, both in the abstract and in the context of real systems; be able to recognize potential threats to confidentiality, integrity and availability; be aware of some of the underlying formalisms and technologies that attempt to address these challenges; and be conversant with current security-related issues in the field.

Topics to be covered will include:

  1. Scope of the security problem;
  2. Various views of computer security;
  3. Security policies;
  4. Formalizing security properties;
  5. Elementary information theory;
  6. Elementary cryptography;
  7. Cryptographic protocols;
  8. Authentication;
  9. Risk assessment;
  10. Malicious logic;
  11. System evaluation and certification.
Important: This course has a new, blended format as of Fall, 2011. Videotaped mini-lectures will be made available on-line. These are available via UTs Quest system: Quest system. You will view these prior to coming to class and answer a series of questions on-line. The class will only meet on Mondays and Thursdays, and then only to discuss the material and assignments, and possibly a short quiz to ensure that you've viewed the lectures and done the required preparation. This is not a self-paced course. You must view the mini-lectures and do the on-line portions as they are assigned, and you must attend class on the two days per week that we meet. If you don't have the self-discipline to keep up, you shouldn't take the course This gives a mapping of videos to weeks in the semester: log of lectures.

Notice that CS students at UT have the option of completing a number of security-related courses and receiving a government-sanctioned certification in security. See the following link for information: Security certification.

Prerequisites:

You are expected to have taken and passed the following courses (or equivalent) with a grade of at least C-: CS310 or CS310H, CS336 or CS336H, and M408D or M408M. If you don't have the prerequisites, be sure to clear it with the CS department.

Text:

There is no textbook. If you would like a book for reference purposes, ask me and I can suggest one. All of the lectures, slides, and supplementary materials are on-line. There is a required $22 semester fee for the use of the Quest system. Note that this is very cheap compared to the cost of a textbook.

Class Notes:

All of the class slides will be available on-line. They will be made them available as we cover new material and you are welcome to print them out or view them on-line. Slides will be available in PostScript (PS) or in PDF format (full size and in 4-ups). The PostScript files can be viewed with Ghostview or printed on any postscript-compatible printer. The PDF files can be viewed with Acroread.

Fee for Quest System:

This course makes use of the web-based Quest content delivery and homework server system maintained by the College of Natural Sciences. This homework service will require a $22 charge per student for its use, which goes toward the maintenance and operation of the resource. Please go to http://quest.cns.utexas.edu to log in to the Quest system for this class. At some point during the semester, when you log into Quest you will be required to pay via credit card on a secure payment site. You may have the option to wait some time to pay while still continuing to use Quest for your assignments. If you are taking more than one course using Quest, you will not be charged more than $50 per semester. Quest provides mandatory instructional material for this course. For payment questions, email quest.fees@cns.utexas.edu.

Assignments:

There will also be several (usually 5 or 6) programming assigments over the course of the semester. These will usually be posted on Monday and due the following Monday. They should be done in the Java programming language. If you don't know Java, discuss it with me and I can make other arrangements. Each student may work on programming assignments individually or in collaboration with one other student. Make sure that all submissions clearly identify which students contributed to the project.

Programs will be submitted to your TA. Concerns about your program grades should be addressed first with the TA, and only with Dr. Young if you can't obtain satisfaction there. Information on how to submit your work will be posted here.

You have another standing assignment: For each video you view, there are several questions to be answered on-line (on Quest). Collectively, the module questions are counted as equal to two programming assignments. If you have problems accessing the questions via the Quest interface, let me know; I can make them available in alternative format.

Programs will be graded on a 10 point scale with 2 points deducted for each day the program is late, up to 2 days. If more than 2 days late, the assignment gets 0 points. The number of days late is purely a function of the timestamp recorded when you submit the assignment. The TA may also allocate a number of "slip days" that you can use at your discretion over the course of the semester. The TA may turn off the turnin program after the due date, and accept late assignments by email. Please coordinate with the TA regarding late submissions, or if you desire to re-submit an assignment following the due date.

After an assignment has been graded, it is your responsibility to check Blackboard to see that your assignment grades have been posted correctly. It's not OK to complain at the end of the semester that some grades weren't posted or were posted incorrectly.

Links to the assignments will appear below. Check this page often and be sure to check that any particular assignment or due date has not been changed.

Quizzes:

Short in-class quizzes may be given at any time. These will cover material previously covered or material in the mini-lectures you were expected to view. The goal of quizzes is to test your understanding of the material and to give you an idea of the types of questions that will appear on tests. There will be no makeups for quizzes you miss, but any single quiz is only a small proportion of your final grade.

Tests:

There will be two major tests during the semester: a midterm and final. Tests are closed-book, closed-notes tests, except that you may bring a single handwritten 3 x 5 inch index card of notes (both sides). Your best study strategy is to review the class notes and ensure that you understand thoroughly the topics we covered in class and on the quizzes. Sample tests and vocabulary lists will be posted.

The midterm will be held in-class on Monday, July 30. It will cover the material from weeks 1-3. The final exam will be held on Monday, August 13. Don't make travel plans that conflict with that date. A sample midterm and sample final will be posted.

No laptops:

Students should not have laptops or other electronic devices open during class. Copies of all slides will be provided. Please just listen, participate and absorb the material.

Grading policies:

Class attendance is mandatory on the days we meet, and will be checked. Excessive unexcused absences will result in a reduced grade. If you don't plan to come to class regularly, please don't register for this class. Signing in for another student not present will be considered cheating by both students.

Grades are averaged using the weighting below:

Component Percent
Attendance, Quizzes and Participation10%
Assignments 30%
Midterm Exam 30%
Final Exam 30%

Course grades are assigned on the scale: A = 90-100; B = 80-90; etc. (I don't grade on the +/- grading system.) Also, I reserve the right to be more generous than these ranges indicate. That is, I may enlarge any of these ranges; I will not shrink any range.

Scholastic Dishonesty:

Academic dishonesty will not be tolerated. See http://www.cs.utexas.edu/academics/conduct for an excellent summary of expectations of a student in a CS class.

All work must be the student's own effort (with the exception of group effort on programs). Work by students in previous semesters is not your own effort. Don't even think about turning in such work as your own, or even using it as a basis for your work. We have very sophisticated tools to find such cheating and we use them routinely. Several students didn't heed this warning in past semesters and paid a heavy price. Also, if you turn in homework done by a student in an earlier semester, I will assume that they collaborated with you and will reserve the right to change retroactively their grade in the class to an F. If they've graduated, this means that their degree could be invalidated. Don't risk your future and your friends' futures. It's far better to get a 0 on an assignment than to cheat.

No deviation from the standards of scholastic honesty or professional integrity will be tolerated. Scholastic dishonesty is a serious violation of UT policy; and will likely result in an automatic F in the course and may result in further penalties imposed by the department or by the university. Don't do it. If you are caught, you will regret it. And if you're not caught, you're still a cheater.

Students with Disabilities:

Students with disabilities may request appropriate academic accommodations from the Division of Diversity and Community Engagement, Services for Students with Disabilities, 471-6259, http://www.utexas.edu/diversity/ddce/ssd.