Introduction to Computer Security Fall 2014

This course introduces the principles and practice of computer security. It aims to teach you how to model threats to computer systems and how to think like an attacker and a defender. It presents standard cryptographic functions and protocols and gives an overview of threats and defenses for software, host systems, networks, and the Web. It also touches on some of the legal, policy, and ethical issues surrounding computer security in areas such as privacy, surveillance, and the disclosure of security vulnerabilities. The goal of this course is to provide a foundation for further study in computer security and to help you better understand how to design, build, and use computer systems more securely. See the schedule for details.

Announcements

Late Chips

We've decided not to use an automated late chip server. Instead, to use some of your late days, post a private message on Piazza to the 'late_chips' folder with your name, CNetID, the assignment, and the number of late chips you are requesting. You must request late chips for an assignment before you hand it in.

Remember, with the exception of extraordinary circumstances, assignments submitted late without using late chips will receive no credit.

Kevin Fu Talk

Kevin Fu, Associate Professor at the University of Michigan, is giving a talk entitled "Medical Device Cyber Security: The First 164 Years" on Tuesday, October 7 at 4:30pm in Ry 251. Refreshments will be at 3:30pm in Ry 255. The talk is hosted by Shan Lu

Security Seminar

For this quarter, the Security and Systems seminars have been combined. The next meeting will be tomorrow, Tuesday, October 7 12–1pm in Searle 240b.

Kevin Fu will be attending, and so we'll be reading a paper from his research group: Rushanan et al. SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks. IEEE Symposium on Security and Privacy. 2014. There will be Pizza.

If you're interested, we encourage you to sign up for the mailing list.

Course Staff

Professor

Ariel J. Feldman

Office hours:
Tue., Wed. 1:30–2:30pm
Room: Ry 161A

TAs

Zachary Rubenstein

Office hours:
Thu., Fri. 2–3pm
Room: Ry 278

Yuxi Chen

Course Information

Prerequisites	CMSC 15400
Lectures	Mon., Wed., Fri. 10:30–11:20am, Ry 276
Communication	We'll use Piazza for general discussion and questions about course material. Assignments will be distributed here and be collected via Phoenixforge (instructions here).
Reference Books	No textbook is required, but if you would like additional references, we recommend: Security Engineering by Ross Anderson Cryptography Engineering by Ferguson, Schneier, and Kohno

Grading

The coursework consists of five homeworks, five projects, and a final exam. In addition, graduate students enrolled in CMSC 33250 must submit a weekly paper response based on the readings, which are optional for undergraduates. All assignments must be done individually with the exception of Projects 4 and 5, which will be done in groups. Your course grade will be based on the following components:

	Undergraduates (CMSC 23200)	Graduate students (CMSC 33250)
Homeworks	30%	20%
Projects	45%	45%
Paper Responses	N/A	10%
Class Participation	5%	5%
Final Exam	20%	20%

Credits

This course owes a great deal to introductory computer security courses developed by others:

The homeworks are adapted from those of J. Alex Halderman and are available under a Creative Commons License.
The projects are adapted from those of Edward W. Felten.
The lectures are inspired by those of Nadia Heninger, Edward W. Felten, and J. Alex Halderman.
The Web site is adapted from that of J. Alex Halderman.